Half of British workers are unconcerned with internal security policies at their firms, believing it does not affect their work, according to the network vendor Cisco.
Results from a study by the firm have led them to warn companies that they are not focusing enough on the threat posed by insiders, who endanger their employers through a mixture of ignorance and malevolence.
Terry Greer-King, director of cyber security at Cisco UK & Ireland, said: "The results show that most employees recognise the threat from cybercriminals is real and worthy of continuous defence, but it also reveals that employee complacency about IT security is increasing the risks for UK businesses."
"An employee who blindly trusts is one amongst several ‘weak links’ in the security chain."
As much as 40% of workers were unaware of major cybersecurity threats, and the risks associated with them, with only half believing they were responsible for guarding corporate and personal data.
Almost two-thirds also thought their behaviour only had a low or moderate impact on the risk of being hacked, and all said they were using the network for personal transactions, showing a degree of faith in the security of company systems.
Greer-King said that he thought the number of employees with bad intentions was miniscule, adding that "educational steroids" would "make a huge dent" in insider threat.
Yet the survey also showed that 70% of employers identified cybercrime as one of the top two threats to data security, while only half pointed to employee behaviour.
This article is from the CBROnline archive: some formatting and images may not be present.