SMEs Need To Close The Cyber Security Training Gap

In 2020 millions of UK people began working at home because of Covid and currently in 2021, the proportion of remote workers who say loneliness and cyber security problems are serious issues has significantly increased. 

Cyber criminal attackers have benefited from the uncertainty of the COVID-19 pandemic and the isolation of remote workers and have made remote worker the victims of phishing attacks.

Government research into the UK cyber security labour market carried out in 2020 estimated that  48% of UK businesses had a basic skills gap when it came to cyber security.  This year, Vodafone completed and published a similar report which found that around 30% of UK SMEs said they don’t have a cyber security strategy in place. While this suggest the gap has closed, its clear the knowledge and skills shortages remain a big problem for SMEs. 

In 2020 the government report found 64% of cyber firms faced problems with technical cyber security skills gaps among existing staff or job applicants. A recent 2021 Capterra looking at cyber security and home working demonstrated a situation that could prove even more critical. Just 19% of those questioned believed their company had no individual they could contact regarding cyber security breaches, a rise from 11% in 2020, while a little under 50% admitted they wouldn’t actually know who to contact within their organisation if such a breach occurred. Capterra's findings, which showed the number of employees who had received IT security training had risen only fractionally year-on-year, from 20% in 2020 to 22% in 2021, despite the wider security risks faced now from remote working.

This means companies are not only battling to ensure their employees understand the appropriate safety precautions while working away from the office, but they are also struggling to find the right security employees to put proper security in place.  

Mimecast research paints another worrying picture. Some seven in 10 of those questioned believed employee behaviours such as poor password hygiene put their companies at risk but only one in five organisations had provided ongoing cyber awareness training, according to the report. 

An additional problem can be when people feel disconnected from their training, so any lessons delivered don’t sink in.
Some of the biggest threats could actually be the most simple to solve. Recent research by HP's Wolf security found that 46% of office workers admitted to using their work laptop for personal “life admin”, and 30% had let someone else use their work device. 

Mimecast:      Gov.UK:      Capterra:         ITPro:      Vodafone:    HP Wolf

You Might Also Read:

How To Write Learning Objectives For Cyber Security Training:

 

« Scientists Say Social Media Is A Risk To Humanity
Artificial Intelligence Is Being Badly Used In Cyber Security »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Packet Storm

Packet Storm

Packet Storm is an online resource for security tools, whitepapers, exploits, and advisories on computer security issues.

Information Security Research Group - University of South Wales

Information Security Research Group - University of South Wales

The Information Security Research Group has an international reputation in the areas of network security, computer forensics and threat analysis.

CLUSIL

CLUSIL

CLUSIL is an association for the information security industry in Luxembourg.

Zettaset

Zettaset

Zettaset’s XCrypt Data Encryption Platform delivers proven protection for Object, Relational/SQL, NoSQL, and Hadoop data stores…in the cloud and on-premises.

Shinobi Cyber

Shinobi Cyber

Shinobi Defense System is an integrated security system that absolutely secures information with smart, automatic encryption and protects your endpoints by stopping any unauthorized actions.

TCN

TCN

TCN is an advanced System Integrator and Infrastructure Company in Albania.

Red4Sec

Red4Sec

Red4Sec are experts in ethical hacking, audits of web and mobile applications, code audits, cryptocurrency audits, perimeter security and incident response.

NOW Insurance

NOW Insurance

NOW Insurance provides small business owners and other professional classes with a seamless purchasing experience for general liability, professional liability, and cybersecurity insurance coverage.

Wizard Cyber

Wizard Cyber

At Wizard Cyber, we simplify cyber security, delivering an advanced service that protects your high-risk assets from the complex threats that technology alone can miss, 24/7.

Redhorse

Redhorse

Redhorse provides top-tier consulting to help clients address mission-critical government problems in National Security, Networking Technology, Energy and the Environment.

Mandiant

Mandiant

Mandiant deliver dynamic cyber defense solutions powered by industry-leading expertise, intelligence and innovative technology.

Pillr

Pillr

Pillr is a cybersecurity operations platform capable of adapting to the demands of your business and team — and the global threat landscape.

Randaemon

Randaemon

RANDAEMON’s mission is to create True Random Number Generators (TRNG) that are hardware-based and integrated into System-on-Chip.

Federal Bureau of Investigation (FBI)

Federal Bureau of Investigation (FBI)

The mission of the FBI is to protect and defend against intelligence threats, uphold and enforce criminal laws, and provide criminal justice services.

VENZA

VENZA

VENZA is a data protection company that can help organisations mitigate their vulnerabilities and ensure compliance, keeping guests and their data safe from breaches.

Autobahn Security

Autobahn Security

Autobahn Security is a growing team of 80+ experts from 25+ nationalities, established in 5 countries. We’re working hard to make Autobahn Security the No. 1 solution for improved hacking-resilience.