Skip to main content

Millions of UK businesses experience data breaches due to employee error

(Image credit: Shutterstock)

Employee error is the cause of 60 percent of all data breaches among UK businesses, claims a new report from insurance broker Gallagher.

Polling 1,000 UK business leaders, Gallagher found the most common cause (39 percent) of employee-related breaches was malware downloaded accidentally via fraudulent links.

Phishing is also a major risk factor, responsible for 35 percent of infections. While employees pushing sensitive data outside company systems accounted for a further 28 percent.

The report also claims that almost a third of affected businesses (30 percent) have had their operations knocked out for four to five days as a result of employee error. 

Respondents also reported reputational damage (14 percent) and financial consequences (12 percent), which included fines issued by data privacy regulators.

Most executives (71 percent) are aware of the problem and almost two thirds (64 percent) said they “regularly remind employees” about the risk of cybercrime.

“Virtually all businesses are at risk of a cyber-attack and as this research shows, it is often an employee mistake which causes the problem," said Tom Draper, Head of Cyber at Gallagher.

"Cybercriminals have become increasingly sophisticated with ways of trying to obtain access to data or a company’s system and it’s hard to remove the risk of human error entirely.”

“However, by businesses taking a comprehensive, multi-layered approach to cybersecurity – including ensuring they have the appropriate insurance in place, establishing effective training programmes for employees and implementing technologies that secure the most sensitive data - they can save both money and resources in the long run, while also helping to mitigate the potential threat of an attack.”