View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Train sales staff or face online attacks, Intel Security warns

Risk of successful attacks on untrained staff could soar as suspect URL’s see 87% growth.

By Ellie Burns

Sales staff within UK companies are the most exposed to online attacks, with research suggesting that companies are underestimating the risk of failing to provide security training to non-technical staff.

The findings from Intel Security’s latest report indicate that it is of vital importance not to overlook IT security training for non-technical staff.

Sales staff, due to their frequent online contact with non-staff members, are most at risk, followed closely by call centre and customer services teams – making both departments more at risk from a cyber-attack than the company CTO.

Of huge concern is the fact that, despite this risk to sales staff, 51% of UK companies fail to provide sales staff with IT security training.

Also on the rise is the number of un-trained staff clicking on dangerous links and unwittingly unleashing a browser attack on their organisation, with the number of suspect URLs soaring 87% between 2013 and 2014.

Most worryingly, more than 1 in 10 UK companies fail to provide mandatory online security training to any of their staff, which is the highest example of this across Europe.

The Intel Security report, ‘Dissecting the Top Five Network Attack Methods: A Thief’s Perspective’, named browser attacks, network abuse, stealthy attacks, evasive technologies and SSL attacks as the top 5 attack methods.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

These 5 threats accounted for over 83 million network attacks quarterly.

The report found that advanced stealth attacks, which disguise themselves to sneak into company networks, are on the rise – with Intel Security uncovering 387 new threats every minute.

Ashish Patel, regional director of network security at UK&I Intel Security, said: "With new threats being developed every minute of every day, IT teams within organisations need to rethink their approach to network security.

"Relying on broad brush security strategies that aren’t updated in line with the newest threats will leave companies increasingly vulnerable to the growing capabilities of cyber criminals.

"It’s crucial that IT professionals take time to gain a real understanding of how the network attack landscape is evolving and which threats their company must prioritise defeating.

"Our research shows there is a real disconnect between the evolving network abuse and IT teams’ comprehension of the threat these methods pose to their organisation."

"With suspect URLs in particular on the rise, companies cannot afford to overlook non-technical staff when it comes to security training – as these employees are often the most susceptible to online threats.

"Meanwhile the significant growth of network attacks relying on methods such as DDoS, ransomware, SSL attacks and advanced stealth techniques should urge IT departments and security professionals to assess their security strategies in line with these rising threats.

"Beyond simply deploying new security technology, IT professionals should assess how their existing systems communicate with each other to better secure their entire network."

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.