Content

Employees lack confidence in keeping their company networks secure

Nearly all (93 percent) respondents in a recent survey agreed that employers should be required by law to provide security training to staff with access to online systems.

New research from FutureLearn highlights the extent to which employees are using online systems for work, if they have received security training from their company, if their organisation had certain policies in place, how confident they feel about their ability to keep the company network safe, and finally, what they would like to learn to feel confident about protecting their company's online data and network.

The survey included responses from 494 employed full-time, part-time or self-employed learners from the FutureLearn platform.

The research found that 85 percent used email and 30 percent used social media every day for work. Forty-five percent used cloud platforms for file storage and collaboration while 36 percent used online platforms or portals for managing customer or staff data at least once a  week.

More than half (57 percent) hadn't received any cyber-security training at work within the past year to understand how to prevent unauthorised access to the company network or data. Only 58 percent were confident about keeping the company network secure.

Respondents reported that organisations had guidance and policies for internet security (48 percent), data handling (49 percent), password management (47 percent), laptop encryption (30 percent), smartphone encryption (16 percent) and portable storage device encryption (34 percent).

In order to feel confident that they would be able to protect their organisation's online data and network, respondents would like to learn how to:

  • tell if a website is safe or not (53 percent)

  • check if a company has had a data breach before (54 percent)

  • recover from security breaches (59 percent)

  • store and handle customer data correctly and safely (53 percent)

  • identify malware types (57 percent)

“The research validates our assumption that online systems are a big part of most employees' working lives, but unfortunately, the research also shows that not all employers are giving their employees guidance and skills around security online,” said Stephen Somerville, responsible for portfolio development at FutureLearn.

“Some organisations currently mandate their employees to complete cyber-security courses and achieve a certificate to prove they have passed, but with the GDPR coming into effect in May next year, we expect that demand to keep increasing from employers around the globe. It's no surprise that organisations who take the threat of cyber-attacks seriously want to educate employees in order to avoid a data breach and the associated potential fines of 20 million euros of four percent of global annual turnover.”

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.