The estimate for the total cost of security breaches to organizations runs into billions of pounds in the UK and is approaching a trillion in the United States. If a minimum apportion of 35 percent is attributable to human naivety or carelessness, then the time has come for organizations to take note and impose security and controls around people. The cost of security breaches to businesses is vast, especially when one considers how much it would cost to dismantle and replace an entire IT network – simply because an employee threw sensitive information in the waste paper, attached a corrupt USB into a laptop, or left a tablet device visible in a restaurant without looking over the shoulder to see who may be watching.
Technology and interconnectedness are on the rise and with this rise, so does the sophistication of criminal activity. With every new piece of technology on the market, a new layer of protection is required. New technology does not come with protective guarantees like new washing machines or fridge freezers – rather, they come with the knowledge that criminals have already tapped into this technology and devised methods to engage employees into giving away sensitive information for free.
Research carried out by the OIER shows some must read results. It provides insights into why and how employees and managers perceive what a breach of security really is and how they happen. It further shows what many managers consider a breach of security to be, and their views on security are eyebrow-raising. One manager assumed that security breaches only take place from outside the organization, and once breached, the event cannot happen again. The research also highlights every component of how organizations leave themselves at risk of fines, network overhauls and loss of jobs due to significant losses in revenue.
The research further demonstrates shocking attitudes in many areas of the office environment and how they can lead to firms reaching the brink of collapse. 79 percent of respondents transport mobile devices away from the office and encourage this, however, the OIER highlights employee attitudes as to their use of mobile devices in café bars, planes and rail travel, and the admissions into how they prioritize security around these devices as they visit wash rooms or the bar area. The research further highlights the surprising results when respondents were asked to put certain behaviours which they thought were responsible for causing the most threats, ranging from responding to junk mail by post to phishing, with results showing that responding to junk mail ranking higher than many obvious acts of carelessness. The results explain why these behaviours are helping criminals to create an industry of their own.
The OIER’s compelling paper entitled: ‘Criminals at Work: The human aspect to cyber security and the need for controls around people’ shows do’s and don’ts in detail and is designed to keep organizations free from security threats from those they employ. The research comes in the form of a white paper document and can be found here or via this link: http://www.oieres.com/oier-shop.
The document also includes a free interactive training manual for all CEOs, CFOs and senior managers.
Dr. Victor Chukwuemeka
Write something about yourself. No need to be fancy, just an overview.