Your Employees Are The Major Risk To Cyber Security

Employees are still the weak link in the security system, with poor habits that potentially put organisations at risk of critical data and intellectual property loss, and severe legal and reputational repercussions, new research from Microsoft Ireland has found.

A third of Irish workers surveyed used their own email for work and 24% shared files with family and friends. 

A lack of security training, the use of personal devices with work-related data and lax practices around passwords are all security risks facing public and private sector organisations, the study found.

Almost half of employees admitted they had no security training in the past 12 months, while 36 per cent said they had plugged a non-work data device such as a USB into their work device, which could lead to data loss.

The survey found that 24 per cent of people working from home have accidently shared work-related material with friends and family, while a third used personal email for work-related or customer information storage, which could be a violation of GDPR when they leave the company.

This was despite 44 per cent saying they had problems with phishing, hacking, cyber fraud or other cyberattacks, aside from attacks that were caught by their company’s security measures.Basic password rules were also being ignored, with 44 per cent recycling passwords, and only 16 per cent having updated their passwords in the last 12 months.

“The majority of security breaches can be traced back to compromised user identity,” said Des Ryan, Microsoft Ireland Solutions Director. This made the finding that 22 per cent of people admitted to writing down their passwords more serious, he said.

A second stand-out finding for Mr Ryan was the number of people using non-work devices to backup data. “Data is now a major differentiator for people,” he said. “The fact that 36 per cent of people backed up data to USB drive, etc is really scary. Where are they moving it to?”

The research, which was conducted by Amarach on behalf of Microsoft, questioned 700 employees working in large Irish organisations employing more than 100 staff across both the public and private sector.

Irish Times

You Might Also Read:

Take An Analytical Approach To Cybersecurity Training:

 

 

 

« Huawei 5G Risk Can Be ‘Contained’
Only Four Suspects In Australia's High Level Attack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

UK Cyber Week Expo & Conference

UK Cyber Week Expo & Conference

Award-winning event organiser ROAR B2B announces the launch of UK Cyber Week and its inaugural event on 4 and 5 April 2023 at the Business Design Centre, London.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

AppRiver

AppRiver

AppRiver is a global provider of cloud-based email and web security solutions that protect businesses worldwide from today's ever-changing online threats.

Corero Network Security

Corero Network Security

Corero Network Security is dedicated to improving the security of the Internet through the deployment of its innovative DDoS & Network Security Solutions.

International Fraternity of Cybercrime Investigators (IFCI)

International Fraternity of Cybercrime Investigators (IFCI)

IFCI provides expert training and certification in Computer Forensics, Network Intrusion & Data Breach Analysis; Malware Analysis; Cyber Threat Intelligence.

Information Security Research Association (ISRA)

Information Security Research Association (ISRA)

ISRA is a non-profit organization focused on various aspects of Information Security including security research and cyber security awareness activities.

IHS Markit

IHS Markit

The IHS Cybersecurity Package is a one-stop source for published knowledge on cybersecurity, from the world’s leading publishers and authorities.

Kasin Consulting

Kasin Consulting

Kasin Consulting is a management consulting company combining a deep understanding of the cyber domain with C-suite level business understanding.

Pole SCS (Secure Communicating Solutions)

Pole SCS (Secure Communicating Solutions)

SCS is a world-class competitiveness cluster dedicated to digital technologies in the fields of Microelectronics, Internet Of Things, Digital Security, Artificial Intelligence And Big Data.

SECURITYMADEIN.LU

SECURITYMADEIN.LU

SECURITYMADEIN.LU is the main online source for cyber security in Luxembourg providing news, information and a toolbox of cyber security solutions.

Ensconce Data Technology (EDT)

Ensconce Data Technology (EDT)

EDT’s focus is on providing solutions to properly sanitize Solid State Drives (SSD) and Magnetic Drives (HDD) before they are disposed or redeployed.

At-Bay

At-Bay

At-Bay offer an end-to-end solution to cyber risk with comprehensive risk assessment, a tailored cyber insurance policy and year-long, active, risk-management service.

StrikeReady

StrikeReady

StrikeReady have developed CARA, an advanced technology solution that offers personalized and proactive assessment and remediation of future and current risk in real-time.

CWSI

CWSI

CWSI provide a full suite of enterprise mobility, security and productivity solutions to many of Ireland and the UK’s most respected organisations across a wide range of industry and public sectors.

Managed IT Services

Managed IT Services

Managed IT Services is a managed IT Services Company offering a diverse range of Cyber Security services and IT solutions.

CloudCover

CloudCover

CloudCover is a software-defined cybersecurity risk solution that provides risk awareness, risk analytics, and data security in real time.

International Cyber Threat Task Force (ICTTF)

International Cyber Threat Task Force (ICTTF)

The International Cyber Threat Task Force is a not-for-profit initiative promoting the ecosystem of an International independent non-partisan cyber security community.

Arcserve

Arcserve

Defend your data with Arcserve all-in-one data protection and management solutions designed to be the right fit for your business, regardless of size or complexity.