Businesses are being left open to cyberattacks as a result of employees failing to take proper precautions, a new report has warned.
Data from Impero found one in five employees in the UK have been directly involved in a security breach or loss of sensitive data, showing the sheer scale of risk for companies of all sizes.
The report also found that more than half (56%) use personal devices to access company data and systems - on average, three times a week - opening the door to threat actors.
Data breach risk
Worryingly, nearly half (42%) of those workers using personal devices to access workplace data claimed their employer had no security policies controlling how these items devices can interact with sensitive information.
This could be an incredibly dangerous move, as 91% of the employees who had been involved in a security incident said that they used personal devices to access sensitive data while at work, with half of that group (51%) doing so without adhering to a robust device security policy.
“Despite the abundance of internet-connected devices used by employees in the modern businesses, especially in the new hybrid working (opens in new tab) world, many feel their employers are not equipping them with the knowledge and tools they need to work securely, particularly when interacting with sensitive data," noted Justin Reilly, CEO of Impero.
> Half of Americans accept all cookies despite the security risk (opens in new tab)
> Microsoft reckons businesses are making a few fatal hybrid working mistakes (opens in new tab)
> Some Microsoft Office updates are being flagged as ransomware threats (opens in new tab)
“Employees shouldn’t need to be worried or threatened by the prospect of security breaches – their employers should provide the tools and training they need to feel secure. This is especially important at a time when the competition for talent is intense and ‘The Great Resignation’ looms large. A truly secure, connected working environment can only be achieved by harmonising people, processes and technology."
The research also found a quarter (24%) of employees said they weren't confident in recognizing cybersecurity threats while at work, while a similar number (26%) agree that their company could improve the quality of its cybersecurity training (opens in new tab).
- We've also featured the best VPN to keep you safe