When employees become a cyber threat
More fear, but no rethink: 65 percent of employees in Swiss SMEs are still secretly violating IT security rules, according to a survey by Sharp. 26 percent of the employees surveyed believe that cyber security is not their responsibility.
Whether it's dubious emails, unsecured Wi-Fi connections or suspicious websites, one of the golden rules of everyday working life is: "Don't click on anything." So much for the theory - but reality shows that an increasing awareness of cyber threats does not necessarily mean that office workers behave with the necessary caution.
Five questionable behaviors increase cyber threat
A survey conducted by Sharp among a total of 1,001 Swiss employees in SMEs revealed that almost two thirds of respondents (60 percent) engage in risky IT-related behavior in their day-to-day work that they conceal from their superiors. The five most frequently mentioned questionable behaviors are
- Irregular updating of company laptops (17 percent)
- Logging into unsecured WLAN networks with company end devices (16 percent)
- Sharing memes with colleagues on Whatsapp (16 percent)
- Downloading unauthorized software on company laptops (15 percent)
- Not logged out of the work account at the end of the working day (15 percent)
As awareness of cyber threats has increased overall, the results suggest that security breaches are happening less out of ignorance than out of convenience or indifference.
The survey also shows that companies are particularly vulnerable to cyberattacks on Friday afternoons, with almost one in four respondents (24 percent) saying they were most likely to make a cybersecurity mistake at the end of the working week. More than a third (37 percent) cited stress due to high workloads as a reason for increased likelihood of error.
Cybersecurity? Let the others do it!
Despite growing concerns about cyber threats, many respondents do not believe that it is their responsibility to ensure their company's cyber security. In fact, 26 percent of employees surveyed in Switzerland believe that their company's IT department - and not they themselves - should take care of everything to do with this issue. 16% of Swiss employees even stated that they would not care if their company was hacked - the highest figure in Europe compared to all other countries surveyed in the study.
Overall, the responses suggest that employees need additional motivation and resources to keep cyber security in mind in their day-to-day work - especially just before the weekend or when workloads are high.
Raise awareness and train
According to IBM the cost of a cybersecurity breach in 2024 was $4.88 million - a 10% increase on the previous year and the highest total to date. Given these risks and costs, organizations need to ensure their teams have the right resources and knowledge to protect their digital ecosystems.
"Cybersecurity is not just about protecting companies, but also about protecting the people behind the company data," says François Müller, COO Sharp Electronics Switzerland. "Employees must understand that they themselves play a crucial role in cyber security in their respective companies, that the issue is the responsibility of each individual and that they must therefore act carefully. Companies must equip their employees with the right tools and support them with appropriate training so that they recognize cyber threats early on and know how to deal with them appropriately. The best technical protective measures are of little use if the human security risk is not fully considered and integrated."
Source and further information: www.sharp.ch
This article originally appeared on m-q.ch - https://www.m-q.ch/de/wenn-mitarbeiter-zur-cyberbedrohung-werden/
