A recent study conducted by QBE Insurance Group has uncovered alarming statistics concerning the susceptibility of businesses to cyber-attacks. The research points to employee errors and inadequate security measures as prime culprits. Among the findings? Nearly a third of employees, comprising 31%, have committed errors with the potential to compromise the cybersecurity of their workplace.
These lapses in security included;
- Falling prey to phishing scams (5%).
- Inadvertently clicking on suspicious links or downloading files that introduced malware to work devices (7%).
- Experiencing the loss or theft of work devices (6% and 7%).
- Sharing passwords with colleagues (13%).
Furthermore, Less than half of the employees surveyed reported that their workplace had implemented the necessary measures to counteract potential cyber-attacks.
Those measures would include;
- Cybersecurity training for staff (46%).
- Utilizing multifactor authentication for accessing work devices and systems (43%).
- Conducting phishing and cyber scam simulation exercises (29%).
The research findings underscore the urgent need for companies to invest in employee education, increasing awareness of cybersecurity risks. Erica Kofie, Head of Cyber Proposition for QBE Europe, emphasized the significance of instituting educational programs and periodic phishing simulations to enhance workforce awareness and preparedness.
“Weakest Link”
Kofie noted, “Your employees can be your weakest link when it comes to cyber security, and it is important to have an education program in place to remind them about the risks, how to spot suspicious activity, and what actions to take (or avoid).”
As cyber-attacks evolve, businesses must remain vigilant and adaptable in their cybersecurity strategies. Cyber threats, such as phishing, are becoming increasingly sophisticated, and 13% of employees express uncertainty in recognizing phishing scams.
In light of the rise of artificial intelligence, 56% of respondents believed that AI would elevate cyber risks rather than mitigate them. Eric Kofie suggested that businesses should focus on enhancing IT security, employee training, and response plans not only to bolster their resilience against cyber risks but also to enhance their risk profile, influencing the level of coverage offered by cyber insurance providers and associated premiums.
Kofie concluded, “It’s imperative for businesses to assess their cybersecurity measures, bridging any gaps that may expose vulnerabilities to cyber breaches, and ensuring their access to comprehensive insurance coverage. Through ongoing communication with customers, we stress the importance of being prepared, including sharing information on past attacks, the effectiveness of protective measures, vulnerabilities contributing to cyber breaches, and strategies for enhancing security.”
Source: Employee mistakes and poor security leaving businesses open to cyber-attacks, QBE research finds
Other News: Japan’s Cyber Insurance Market: Rapidly Growing(Opens in a new browser tab)