According to a new study from Centrify, a leading provider of cloud-ready Zero Trust Privilege to secure modern enterprises, 77% of UK workers admit they have never received any form of cyberskills training from their employer.
The survey of 2,000 full-time UK workers in professional services, conducted by independent survey company, Censuswide, also found that over one quarter (27%) of workers use the same password for multiple accounts, including work email and social media, putting both their personal security and that of their company at risk from hackers.
Most worryingly, the survey also found that 69% admit that they do not have the confidence in their own cybersecurity processes when it comes to protecting their own data.
Additionally, 14% have admitted to keeping their passwords recorded in an unsecured handwritten notebook or on their desk in the office. The news comes despite the UK government’s drive to improve cybersecurity for companies, with its Cyber Essentials programme.
A further 14% do not utilise multi-factor authentication cybersecurity measures for apps or services unless required to do so – despite the fact that many consumer banking apps and social media now offer this service.
Experts have warned that such a lacklustre approach to critical cyber-awareness could land employers in hot water.
Donal Blaney, Cyber Law Expert, Griffin Law, said: “Ignorance of the law is no defence. Company directors and business owners owe it to themselves, their staff, their shareholders and their customers to know how to protect their businesses and their customers’ data. They will only have themselves to blame if this blows up in their face one day.”
Andy Heather, VP, Centrify, said: “In an age where cyberattacks have emerged as one of the most ruthless and successful forms of crime that can be committed against a business on a large scale, it is astounding to hear that so many UK companies neglect to instil even the most basic cybersecurity measures in their employees.
“Just one misplaced password could result in the theft of millions of sensitive company documents, personal information and financial fraud, allowing hackers access to critical data. Tackling this issue requires urgent investment in cyberskills training and adopting a zero-trust approach, to further reduce the risk of weak passwords leaving easy entry points and to ensure malicious parties cannot run riot in company systems with stolen log-in credentials.”