Your Employees Are The Major Risk To Cyber Security

Employees are still the weak link in the security system, with poor habits that potentially put organisations at risk of critical data and intellectual property loss, and severe legal and reputational repercussions, new research from Microsoft Ireland has found.

A third of Irish workers surveyed used their own email for work and 24% shared files with family and friends. 

A lack of security training, the use of personal devices with work-related data and lax practices around passwords are all security risks facing public and private sector organisations, the study found.

Almost half of employees admitted they had no security training in the past 12 months, while 36 per cent said they had plugged a non-work data device such as a USB into their work device, which could lead to data loss.

The survey found that 24 per cent of people working from home have accidently shared work-related material with friends and family, while a third used personal email for work-related or customer information storage, which could be a violation of GDPR when they leave the company.

This was despite 44 per cent saying they had problems with phishing, hacking, cyber fraud or other cyberattacks, aside from attacks that were caught by their company’s security measures.Basic password rules were also being ignored, with 44 per cent recycling passwords, and only 16 per cent having updated their passwords in the last 12 months.

“The majority of security breaches can be traced back to compromised user identity,” said Des Ryan, Microsoft Ireland Solutions Director. This made the finding that 22 per cent of people admitted to writing down their passwords more serious, he said.

A second stand-out finding for Mr Ryan was the number of people using non-work devices to backup data. “Data is now a major differentiator for people,” he said. “The fact that 36 per cent of people backed up data to USB drive, etc is really scary. Where are they moving it to?”

The research, which was conducted by Amarach on behalf of Microsoft, questioned 700 employees working in large Irish organisations employing more than 100 staff across both the public and private sector.

Irish Times

You Might Also Read:

Take An Analytical Approach To Cybersecurity Training:

 

 

 

« Huawei 5G Risk Can Be ‘Contained’
Only Four Suspects In Australia's High Level Attack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Indelible Data

Indelible Data

Indelible Data is an established information security and technology consultancy and a Cyber Essentials Certification Body.

Secure Identity Alliance (SIA)

Secure Identity Alliance (SIA)

The Secure Identity Alliance is dedicated to supporting sustainable worldwide economic growth and prosperity through the development of trusted digital identities and the adoption of secure eServices.

Intruder

Intruder

Intruder is a cloud-based vulnerability scanner that finds cyber security weaknesses in your digital infrastructure, to avoid costly data breaches.

MSG Systems

MSG Systems

MSG are committed to intelligent IT and industry solutions and offer independent consulting on all aspects of information security.

IT Association of Slovakia (ITAS)

IT Association of Slovakia (ITAS)

ITAS is a professional association of domestic and foreign companies operating in the field of information and communication technologies

Quest Software

Quest Software

Simple IT management for a complex world. Whether it’s digital transformation, cloud expansion, security threats or something new, Quest helps you solve complex problems with simple solutions.

Altaro Software

Altaro Software

Altaro provide backup solutions that are intuitive, easy to use, well-priced and backed by outstanding 24/7 support as part of the package.

ePlus

ePlus

ePlus designs and delivers effective, integrated cybersecurity programs centered on culture and technology, aimed at mitigating business risk and empowering digital transformation.

Phosphorous Cybersecurity

Phosphorous Cybersecurity

Phosphorus has fully automated remediation of the two biggest IoT vulnerabilities, out of date firmware and default credentials.

Centraleyes

Centraleyes

Centraleyes (formerly CyGov) is a cutting-edge integrated cyber risk management platform that gives organizations unparalleled understanding of their cyber risk and compliance.

Valence Security

Valence Security

Valence manages and secures your Business Application Mesh by delivering visibility, reducing unauthorized access and preventing data loss.

Association of anti Virus Asia Researchers (AVAR)

Association of anti Virus Asia Researchers (AVAR)

AVAR's mission is to prevent the spread of and damage caused by malicious software, and to develop cooperative relationships among anti-malware experts in Asia.

QuantLR

QuantLR

QuantLR is enabling the global mass deployment of Quantum Cryptography, by providing the world’s lowest-cost secure Quantum Cryptography solution.

BlockSec

BlockSec

BlockSec is dedicated to building blockchain security infrastructure. The team is founded by top security researchers and experiencedexperts from both academia and industry.

Ping Identity

Ping Identity

At Ping Identity, we believe in making digital experiences both secure and seamless for all users, without compromise. That’s digital freedom.

Elba

Elba

Employee security needs to be reinvented. SaaS security needs to involve end-user and awareness needs to be actionable. Meet elba, the 5-in-one cybersecurity hub with no compromises.