One-in-three Australian workers who admit to having enabled data breaches are still unwilling to change their already compromised passwords, a new study reveals.
Human error has always been a security risk, but according to cyber security firm Webroot’s latest report, office culture might present a larger issue when it comes to maintaining cyber health.
Over half of the 4000 surveyed workers have compromised personal and financial data by clicking on links from unknown senders. The report shows this behaviour isn’t a one-off either — these employees clicked on risky links multiple times.
Of this group, over a third were so apathetic, and didn’t bother to change their passwords after the breach.
And although 90% of employees consider themselves able to distinguish real emails from their phishing counterparts, 60% will click on links from unknown senders anyway.
The study also shows employees find identifying phishing in non-email communications (phone calls, notifications, snail mail and post) even more difficult. They would actually have a better chance of correctly identifying phishing if they flipped a coin.
The report comes in the wake of high-profile data breaches, involving PayID, TGI Fridays, Sephora and NAB. And that’s just in the last three months.
Apart from the obvious financial risks, poor cyber security can also lead to larger reputational issues with suppliers and customers, among others.
Educate yourself
Cyber security might seem like a time-consuming issue to resolve, but some experts say regular and incremental checks can prove more effective in the long run.
In a piece for SmartCompany, Andy Jamieson advises businesses to regularly test their own systems and update passwords.
In another SmartCompany article, Susie Jones of Cynch Security recommends breaking down the most pressing issues — anything that holds sensitive and confidential information — into “simple steps”.
Change your office culture
The biggest takeaway from the study is the need to reform office culture from apathy to vigilance.
In a piece for SmartCompany, Ilone Vass from HR firm Dancing with the Dragons encourages business owners to build competence and foster office traditions. These traditions can easily include cyber security checks and updates.
“Your employee may have problem-solving skills, which are outside of their everyday role, to help you move past any issues.
“Build their competence and confidence by allowing them to implement skills to assist with problem-solving,” she wrote at the time.
NOW READ: Seven easy cyber security checks all business owners should do
COMMENTS
SmartCompany is committed to hosting lively discussions. Help us keep the conversation useful, interesting and welcoming. We aim to publish comments quickly in the interest of promoting robust conversation, but we’re a small team and we deploy filters to protect against legal risk. Occasionally your comment may be held up while it is being reviewed, but we’re working as fast as we can to keep the conversation rolling.
The SmartCompany comment section is members-only content. Please subscribe to leave a comment.
The SmartCompany comment section is members-only content. Please login to leave a comment.