Nearly all (93 percent) respondents in a recent survey agreed that employers should be required by law to provide security training to staff with access to online systems.
New research from FutureLearn highlights the extent to which employees are using online systems for work, if they have received security training from their company, if their organisation had certain policies in place, how confident they feel about their ability to keep the company network safe, and finally, what they would like to learn to feel confident about protecting their company's online data and network.
The survey included responses from 494 employed full-time, part-time or self-employed learners from the FutureLearn platform.
The research found that 85 percent used email and 30 percent used social media every day for work. Forty-five percent used cloud platforms for file storage and collaboration while 36 percent used online platforms or portals for managing customer or staff data at least once a week.
More than half (57 percent) hadn't received any cyber-security training at work within the past year to understand how to prevent unauthorised access to the company network or data. Only 58 percent were confident about keeping the company network secure.
Respondents reported that organisations had guidance and policies for internet security (48 percent), data handling (49 percent), password management (47 percent), laptop encryption (30 percent), smartphone encryption (16 percent) and portable storage device encryption (34 percent).
In order to feel confident that they would be able to protect their organisation's online data and network, respondents would like to learn how to:
tell if a website is safe or not (53 percent)
check if a company has had a data breach before (54 percent)
recover from security breaches (59 percent)
store and handle customer data correctly and safely (53 percent)
identify malware types (57 percent)
“The research validates our assumption that online systems are a big part of most employees' working lives, but unfortunately, the research also shows that not all employers are giving their employees guidance and skills around security online,” said Stephen Somerville, responsible for portfolio development at FutureLearn.
“Some organisations currently mandate their employees to complete cyber-security courses and achieve a certificate to prove they have passed, but with the GDPR coming into effect in May next year, we expect that demand to keep increasing from employers around the globe. It's no surprise that organisations who take the threat of cyber-attacks seriously want to educate employees in order to avoid a data breach and the associated potential fines of 20 million euros of four percent of global annual turnover.”