A recent Kaspersky Employee Wellbeing 2021 report unveils that while organisations regularly face employee data leakage, 36% of respondents from the META region prefer not to disclose these incidents publicly.
At the same time, staff may lack basic cybersecurity knowledge to protect themselves as only 38% of businesses offer IT security training.
According to the report, lack of external knowledge about potential cybersecurity incidents is not usually mitigated by internal efforts.
According to the research, only 38% of organisations have already implemented security education and training to ensure that employees are provided with crucial information.
In addition, more than seven in ten (76%) of those companies have experienced at least one issue relating to the quality of these services.
This includes dissatisfaction with the high complexity of courses and a lack of support or expertise on the part of the training provider.
Employees that had not been provided with basic knowledge about the importance of protective measures, can’t be expected to follow the rules.
In 2021, compliance of staff and dealing with insufficient end-user security culture is one of the top three biggest concerns for businesses when it comes to IT security – 38% of respondents cited it among the most alarming issues.
In practice, companies regularly face informational security infringements (50%), inappropriate IT resource use (53%), and improper sharing of data via mobile devices (50%).
Breach prevention requires concerted action by everyone who interacts with a corporate system and could be a potential target for attackers.
To better secure employees, companies should combine reliable protective measures with maintaining security awareness among their teams.
These include:
- Ensuring prompt patching and updating of software to prevent adversaries penetrating the system.
- Implementing high-grade encryption for sensitive data and enforcing strong credentials and multi-factor authentication.
- Using effective endpoint protection with threat detection and response capabilities to block access attempts, and managed protection services for efficient attack investigation and expert response.
- Minimising the number of people with access to crucial data. Breaches are more likely to occur in organisations where too many employees work with confidential and valuable information that can be sold or somehow used.
- Equipping your employees with the cybersecurity skills they need.
There is a need for the organisation to provide education that presents all the necessary and up-to-date information in an engaging format.
To save time and receive a quality service, companies should work with globally recognised providers that can ensure an efficient learning process.