New research has claimed nearly two-thirds (64%) of UK businesses were infected with ransomware in 2023, while 95% of workers admitted to willingly endangering the integrity of their workplace’s cybersecurity measures despite knowing the risks of attacks.
A report from Proofpoint claims 70% of surveyed employees apparently risk online such as sharing and reusing passwords and clicking phishing links.
Nearly half (48%) admitted to carelessness for convenience, 40% in order to save time, and 22% due to a perceived sense of urgency.
Phishing risks
Businesses having received 30% more financial penalties from regulatory bodies and a 78% increase in reports of ‘reputational damage’ over the course of the last year.
In its report, Proofpoint noted that it’s now clear that tech literacy, or ignorance, is not the barrier to employees keeping businesses safe online, but the actual employees themselves.
Proofpoint’s Chief Strategy Officer Ryan Kalember acknowledged the challenge of employee apathy. “Individuals play a central role in an organisation’s security posture, with 74% of breaches still centering on the human element,” he claimed.
“While fostering security culture is important, training alone is not a silver bullet. Knowing what to do and doing it are two different things. The challenge is now not just awareness, but behaviour change.”
Proofpoint notes in its report a disconnect between the attitudes of IT teams and sysadmins versus employees at the coalface. This is nothing new, but 94% of the employees it surveyed did say that they’d pay more mind to their security responsibilities if controls were more intuitive.
As Kalember notes, “Cybercriminals know that humans can be easily exploited, either through negligence, compromised identity or—in some instances—malicious intent.”
More from TechRadar Pro
