Businesses will remain vulnerable to cyber security threats if they don’t change the way they approach training.
It doesn’t matter how complex and expensive your cyber security suite is if organisations fail to address employee naivety when it comes to the basics.
This is according to APMG and Templar Executives who gave a master-class speech on the best strategies to identify and combat the threats of cybercrime.
Combining the complexity of overlapping systems and changing personnel with different IT habits can lead to complex and multi-faceted cyber environments for companies to manage.
Andy Taylor, CLAS Consultant & Lead Assessor, APMG, said: "With employees coming from different backgrounds and industries joining an organisation at various points in its development, each with their own ideas on how to approach cyber security, you end up with a disjointed approach.
"It’s not about age; it’s entirely about behaviour and some employees are more naïve regarding basic cyber security habits than others."
Instead of resorting to throwing money at the issue, Taylor suggests to analyse the layers and to position the organisation so that it can best face the risk.
Andrew Fitzmaurice, CEO, Templar Executives, said: "Considering that 100% of all cybercrime victims had installed anti-virus or cyber security suites, the problem is one of user-habit.
"Furthermore, 100% of known breaches involve stolen credentials. For the most part, these credentials are offered up by the victim, either by persuasion or ignorance."
Fitzmaurice goes on to say that security programmes’, cyber insurance and high control safety systems are, "useless when someone wants to disobey the rules. In the face of human nature, it is best to nurture positive security habits in the office, than simply enforce cyber security procedure."