Employees in State of Denial About E-mail Security Threats says survey

Research released today by Websense, Inc. highlights that complacency is rife amongst UK employees toward e-mail security, with nearly one third (31 percent) of respondents stating they were satisfied with their company not fully protecting e-mail as they didn’t feel they would be targeted by cybercriminals.

The survey also reveals that 35 percent of respondents said a hacker’s gaining access to their computer through an e-mail borne attack would not happen to them, while 72 percent had a blasé attitude to e-mail spam saying receiving e-mails from a sender they did not recognise was an annoyance rather than a potential security threat.

The “Websense E-mail Security” survey of more than 100 respondents also reveals that UK employees are exposing their company and personal data to potential e-mail borne security threats in the way they deal with spam

40 percent of respondents open the preview screen to check spam e-mails while 33 percent open an e-mail from an unknown sender before deciding how to handle it and 22 percent open spam e-mails and admit to sometimes clicking on the embedded Web links enclosed in these.

While losing company confidential information was more of a concern than the risk of a hacking incident, 40 percent of respondents still thought this was not a risk to them.

“Today’s security attacks are becoming more targeted and stealthy, with cybercriminals using multiple channels and attack methods to weave their way into an organisation to steal corporate and personal data,” said Ross Paul, director of product management, Websense.

“This research indicates a knowledge shortfall about e-mail security amongst UK employees. With e-mail threats so sophisticated, organisations that have not taken responsibility for security away from their employees are leaving their company data exposed and employee personal data at risk. Businesses need to ensure they have real-time Web and e-mail security in place combined with robust business processes and proactive staff education, to protect their confidential information and safeguard their employees.”