Sales staff within UK companies are the most exposed to online attacks, with research suggesting that companies are underestimating the risk of failing to provide security training to non-technical staff.
The findings from Intel Security’s latest report indicate that it is of vital importance not to overlook IT security training for non-technical staff.
Sales staff, due to their frequent online contact with non-staff members, are most at risk, followed closely by call centre and customer services teams – making both departments more at risk from a cyber-attack than the company CTO.
Of huge concern is the fact that, despite this risk to sales staff, 51% of UK companies fail to provide sales staff with IT security training.
Also on the rise is the number of un-trained staff clicking on dangerous links and unwittingly unleashing a browser attack on their organisation, with the number of suspect URLs soaring 87% between 2013 and 2014.
Most worryingly, more than 1 in 10 UK companies fail to provide mandatory online security training to any of their staff, which is the highest example of this across Europe.
The Intel Security report, ‘Dissecting the Top Five Network Attack Methods: A Thief’s Perspective’, named browser attacks, network abuse, stealthy attacks, evasive technologies and SSL attacks as the top 5 attack methods.
These 5 threats accounted for over 83 million network attacks quarterly.
The report found that advanced stealth attacks, which disguise themselves to sneak into company networks, are on the rise – with Intel Security uncovering 387 new threats every minute.
Ashish Patel, regional director of network security at UK&I Intel Security, said: "With new threats being developed every minute of every day, IT teams within organisations need to rethink their approach to network security.
"Relying on broad brush security strategies that aren’t updated in line with the newest threats will leave companies increasingly vulnerable to the growing capabilities of cyber criminals.
"It’s crucial that IT professionals take time to gain a real understanding of how the network attack landscape is evolving and which threats their company must prioritise defeating.
"Our research shows there is a real disconnect between the evolving network abuse and IT teams’ comprehension of the threat these methods pose to their organisation."
"With suspect URLs in particular on the rise, companies cannot afford to overlook non-technical staff when it comes to security training – as these employees are often the most susceptible to online threats.
"Meanwhile the significant growth of network attacks relying on methods such as DDoS, ransomware, SSL attacks and advanced stealth techniques should urge IT departments and security professionals to assess their security strategies in line with these rising threats.
"Beyond simply deploying new security technology, IT professionals should assess how their existing systems communicate with each other to better secure their entire network."