UK security leaders believe that their organisation’s employees are continually exposing sensitive data to the risk of a breach yet are neglecting to take the necessary steps to control the risks. This is according to annual research carried out by Apricorn, a leading manufacturer of software-free, 256-bit AES XTS hardware-encrypted USB drives, that found 70% of corporate breaches are a direct result of employee error or malicious intent.
Of the security decision-makers surveyed, 22% said employees unintentionally putting data at risk had been the main cause of a data breach at their organisation, with staff being caught out by phishing emails close behind at 21%. Remote workers specifically had been the catalyst at 26% of organisations – up from 21% in 2022. Worryingly, 20% said employees with malicious intent had been behind a breach at their company, a rise from 10% last year. Third parties mishandling corporate information had caused a breach at 21%, up from 12%, highlighting the increasing need for tighter security in the supply chain.
Just under half (48%) the number of respondents admitted that their company’s mobile or remote workers have knowingly exposed data to a breach over the last year, a rise from 29% in 2022, while 46% stated that their remote workers ‘don’t care’ about security, up from 17% the previous year. This trend was echoed when the respondents were asked about the main problems they faced with implementing a cybersecurity plan for remote and mobile working. The biggest issue – which 28% are struggling with – is lack of awareness among employees of the risks to data when working away from the office. Also high on the list is the fact that staff who are aware of security risks will still take action that results in data being exposed or lost (23%).
Click below to share this article