New research from Accenture has revealed that 55 per cent of workers cannot remember receiving specific cybersecurity training.
Combined with this shocking lack of awareness, the cost of cyber crime in the UK has risen by 19 per cent in the last year alone, raising the cost of cyber crime to £6.4 million.
It is becoming increasingly clear that everyone within an organisation bears responsibility for the entire organisation’s cybersecurity integrity; therefore specific training for all should be mandatory.
To gain this insight, Accenture surveyed 2,000 people,also finding that 70 per cent of people who have received cybersecurity training felt it improved their ability to recognise and react to threats.
One in four of the respondents said that they felt that specific cybersecurity training was the most effective way of protecting against threats. More people took this stance than those who believe that greater action from the authorities is the most effective.
Rick Hemsley, Managing Director, Accenture Security, said: “Large businesses in the UK can expect to face more than eighty cyber-attacks each year, with one in three breaching security. It’s therefore no surprise that companies are investing more than ever in security solutions. However, this research shows that no matter how much they spend, businesses that fail to educate staff about cybersecurity put themselves at greater risk of being hacked.”
Hemsley highlights perhaps the most important revelation to come from the research, that spending money cannot solve the problem, with it ultimately coming down to sealing the weak points in the organisation caused by low awareness among employees. The fast nearing arrival of GDPR may prompt more cybersecurity training.
“Effective investment will not only enable practical solutions like stronger spam filters, cloud-based e-mail analytics, virus scanners and firewalls. It will ensure employees have the tools they need to recognise threats, including phishing scams, through prevention training and awareness programs. Ultimately, an organisation’s security is only as strong as its weakest link, which in many cases could be its own workforce,” Mr Hemsley said.