Staff training is an underused cyber-security policy

Businesses should invest in knowledge, and not ‘just’ cyber-security solutions, The Open University warns. Staff should be better educated on the dangers of cyber-attacks and how to best protect themselves and their organisations, it said.

The comment comes as a reaction to a recent government research which says that, even though almost two-thirds of large UK companies suffered a cyber-attack, only 17 per cent have invested in training their staff.

The Open University says that investing in cyber-security solutions alone won’t cut it. And talking about investments, it was said that just last year, UK firms increased their IT security spending by almost £16 billion. It was also said that the rising cost of cyber-attacks to the UK economy currently sits at £34 billion.

Steve Hill, Director of External Engagement at The Open University, comments: “Businesses need to recognise that investing in IT infrastructure and retraining staff must go hand in hand. As the techniques used by hackers to breach networks and servers become more sophisticated, companies need to do more than simply update their IT systems. Instead, they must ensure that their employees have the knowledge and skills to maintain best practice and future-proof the company’s defences.”

Steve continues: “It is important to recognise that a firm’s cyber security measures cannot simply rely on the expertise of a skilled IT team. Knowledge about best practice must be widespread across an organisation.”

On Wednesday, policy experts will meet in London to discuss cyber-security, on an event called ‘Working in Partnership to Reduce Risk in the Digital Age’, organised by the Public Policy Exchange.

Photo Credit: Pavel Ignatov/Shutterstock