Organisations are investing serious money in cybersecurity solutions to keep their data safe, but it seems it's all in vain. Not because these solutions are poor – it's because employees are deliberately side-stepping them for their own convenience. This is according to a new report by Databarracks, which says such practices are putting organisations at serious cybersecurity risks.
Side-stepping cybersecurity policies usually means taking company data offsite, fabricating or omitting information on sign-in sheets, and keeping passwords written somewhere. Almost two thirds (61 per cent) of IT decision makers believe their employees are doing this on a monthly basis, with a quarter (28 per cent) saying it’s probably daily – or more. On the other hand, more than half (59 per cent) have invested in cybersecurity solutions in the past 12 months, to defend from different malware, viruses or phishing attacks.
“We expanded the remit of the Data Health Check this year to look at how IT departments approach cyber security, and how their users experience (and respond to) their approaches,” commented Oscar Arean, technical operations manager at Databarracks.
“The results have been pretty damning, with IT managers seriously lacking confidence in their employees’ commitment to their security plans. If they’re correct, then their businesses will be left exposed to cyber threats, as well as other more traditional threats such as social engineering. It may be no coincidence that two thirds (66 per cent) of those we questioned had been affected by a cyber-threat in the past 12 months. No amount of investment in cyber security policies can make up for poor employee habits; IT managers need to address this issue if they are to secure their organisations from malicious threats.”
The best way to solve this problem, according to Arean, is to communicate more with employees, making them realise how risky their behaviour is.
Image Credit: Den Rise / Shutterstock