Why you should be providing security training for your learners

by Brett Henebery21 Apr 2017
When it comes to organisations protecting their sensitive data, most look outward towards external threats, such as viruses and malware.

As such, managers invest in sophisticated firewalls to prevent hackers from accessing the systems they rely on to run their organisation.

However, according to a new survey, employees themselves can pose a significant risk by sharing the confidential data entrusted to them.

This point was recently highlighted in an end-user security survey by one of the world’s largest technology companies.

According to the new survey, released by Dell on Thursday, 72% of employees are willing to share confidential information, making them potential liabilities for the organisations they work for.

In the financial services sector, the percentage was even higher – 81% said they should share sensitive, confidential or regulated information. This is despite the fact that 65% said that it was their responsibility to protect confidential data.

The survey showed that in order to mitigate these risks, a large number of companies are doing security awareness training, with 63% of employees reporting some form of training.

“There is no one-size-fits-all solution to this issue, because every company has different security needs. However, it’s clear that corporations and employees must meet somewhere in the middle,” the report stated.

“Though many employees already complete cybersecurity training, management may also need ‘training’ from employees to fully understand their daily tasks and scenarios in which they might feel justified in sharing confidential data.”

According to a 2016 report by Winmagic, another significant driver of these issues is learners who have a poor sense of cyber-security who use unsecured private devices for work.

The report found that 42% use private devices for work and accessing email and corporate data. More than half of respondents (52%) admitted to using private accounts (such as Enterprise File Sharing Services) to access or store corporate files. Only a third of employees said they had never done this.

Related stories:
New report underscores the importance of cyber-security training
New game trains learners to fight cyber threats
Use of personal devices putting companies at risk, says study