New research has revealed that almost half (43 per cent) of employees have made mistakes that compromised their company’s cyber security.
The report by Tessian combined survey data and insights from Stanford University professor Jeff Hancock to help understand why people make such mistakes and what businesses can do to prevent them in the future.
Interestingly, the research found that younger employees are more likely to admit that they have made a mistake that could have compromised security than their older counterparts.
Some 50 per cent of those aged 18 to 30 revealed that they had made an error that compromised cyber security, compared to just 10 per cent of those aged over 51. However, this might not be because those in the older generation are trying to cover up their mistakes, but in some cases that they’re less aware that they’ve made a mistake in the first place.
The findings of the research also show that different age groups are more susceptible to making different kinds of errors.
For instance, just eight per cent of workers over the age of 51 said that they had clicked on a link in a phishing email, compared to 32 per cent of those aged 31 to 40, although the survey also found that those in the older age group were also least likely to know what a phishing email was.
Professor Hancock stressed that the findings highlight the importance of tailoring cyber security training to suit different demographics of employees.
He explained that the training being provided should reflect the fact that “different generations use tech, and have grown up with tech, in different ways”.
“Younger employees have a thirst for knowledge, so teach them the techniques that hackers will use to target them,” Professor Hancock recommended.
He also said that it’s essential that businesses don’t assume that everyone in the older age groups is tech illiterate, doing so “isn’t going to be well-received”.
“Instead, engage them in conversation and help them understand how their strengths and weaknesses could be used in an attack,” he advised.
It isn’t only cyber attacks, such as phishing scams, that are causing issues in relation to cyber security either. One of the most common errors was sending an email to someone by mistake. 58 per cent of those questioned said that they had done this, with 20 per cent of businesses losing a customer as a result and 12 per cent of staff losing their job.
The research also revealed that workers make more mistakes when they are stressed or tired, indicating that this is an area that businesses should pay attention to. In fact, Professor Hancock stated that understanding the effect stress has on behaviour is “critical” to improving an organisation’s cyber security.
With more people than ever before working from home, it’s essential that HR and IT departments are mindful of how this might affect cyber security and that they put appropriate measures in place to protect their organisation.
As we recently revealed, figures from Citizens Advice show that one-third of Brits have been contacted by scammers since the Covid-19 pandemic began. There are many potential security and data protection issues that businesses need to be aware of and IT departments will need additional resources to provide the support required for secure remote working.
If you feel you would benefit from GDPR consultancy services, get in touch with us today to find out how we can be of assistance.