News

Most UK workers unaware of IT security issues, study reveals

Warwick Ashford

Over two thirds of UK employees are unaware of IT security threats that could affect them, a survey by security firm Kaspersky Lab has revealed.

The survey findings highlight the importance of ensuring employees are properly educated when it comes to security, said David Emm, senior security researcher at Kaspersky Lab.

Despite the sophistication of today’s malware, cyber criminals often seek to exploit human weaknesses to spread their code. This is why it is concerning to see the low level of awareness regarding potential IT security threats, Emm said.

People are susceptible for a variety of reasons, says Emm. Sometimes they simply do not realise the danger; sometimes they are taken in by the lure of something for nothing; and sometimes they cut corners, such as using the same password for all online accounts, he said.

According to Emm, businesses often ignore the human dimension of security, and even if the need for staff awareness is acknowledged, the methods used do not achieve positive results.

“We ignore the human factor in corporate security at our peril, since it is all too clear that technology alone cannot guarantee security,” he said.

Security awareness initiatives should bear in mind that employees are not security experts and should marshal the resources of communications experts such as HR and marketing, not just security, says Emm.

“It is equally important to develop imaginative approaches that go beyond simply creating a list of dos and don'ts and asking staff to sign a policy document when they join the company,” he said.

Kaspersky recommends IT managers should follow these three steps:

  • Put in place clear rules for using IT;
  • Regularly inform employees of new IT threats; and
  • Hold regular training workshops to teach small groups of employees how to use IT securely.

 


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy