Employees are constantly bombarded with phishing
Businesses are putting themselves at risk of all kinds of cyber-attacks due to poor practices when it comes to educating and training the workforce.
A new report from Yubico, found less than half (42%) of UK businesses it surveyed held mandatory, frequent, cybersecurity training.
There are many things employees could be taught, which would improve the cybersecurity posture of organizations, the report further suggested. For example, roughly half (47%) often write down, or share their passwords which is one of the most common mistakes when it comes to safeguarding a password.
Resetting the password
Elsewhere, the report found that many workers (33%) allow other people to use their work-issued device, while more than half (58%) use personal devices for work.
A similar percentage (49%) do vice-versa, as well, by using a work-issued device for personal use, which is another cybersecurity red flag. Finally, half (48%) have been exposed to a cyberattack such as phishing, without reporting the incident to their IT and cybersecurity teams.
Even when an employee gets exposed to a cyberattack, their organization does very little to amend the issue. “Very few” companies implemented phishing-resistant cybersecurity methods in response to being targeted, a third (28%) simply had their passwords reset, and just a quarter (28%) were made to attend cybersecurity training.
“Cyber attacks, and how to prevent them, should be top of mind for every organization. However, our research reveals a remarkable disparity between the risks of cyber-attacks and businesses’ attitudes toward them,” commented Niall McConachie, regional director (UK & Ireland) at Yubico.
For McConachie, businesses should deploy multi-factor authentication (MFA) as soon as possible, and consider FIDO2 security keys. The latter “have been proven to be the most effective phishing-resistant option for business-wide cybersecurity”, he says.
“By removing the reliance on passwords, MFA and strong 2FA are more user-friendly and can be used for both personal and professional data security. This is especially important as cyber-attacks are not limited to companies but can directly target customers and employees too.”
One of the most used-used passwords – “123456” – is still in use today, despite being known by virtually every cybercriminal out there, the report concluded.
Source: Lack of cybersecurity training is leaving businesses at risk
North Yorkshire’s Leading IT Support Provider for Success and Secure Compliance
There’s nothing we love more than seeing Yorkshire businesses flourish by harnessing the power of IT. Our team of dedicated engineers are ready to help you overcome any technical challenge and deliver tailored solutions that empower your business to meet its goals and deepen its success.
From our base in Malton, we deliver proactive IT support and services across York, North and East Yorkshire. We have a strong track record in delivering impactful IT to clients across a wide range of sectors, including manufacturing, design, professional medical services, and insurance, among many others. We focus on maintaining, optimising and securing your digital estate, so you can focus on the growth and success of your business. Contact our team and let us start our journey together today.