A startling new report reveals that nearly one third of employees have made mistakes that could jeopardise their company's cyber security. These range from falling for phishing scams to accidentally downloading malware onto work devices. With cyber threats only growing in scale and sophistication, businesses must take action to mitigate the internal risks posed by human error.
The research by QBE found that only 46% of workplaces have cyber security training in place for staff. Meanwhile, under half utilise basic protections like multi-factor authentication and phishing simulation exercises. This lack of education and preparedness leaves companies dangerously exposed. Employees simply don't have the knowledge to identify risks and respond appropriately.
As Erica Kofie, Head of Cyber Proposition for QBE Europe noted, "Your employees can be your weakest link when it comes to cyber security." Comprehensive training is essential to raising awareness of potential threats. Employees should understand best practices for spotting suspicious links, unsecure websites, and other red flags. Occasional phishing simulations also sharpen instincts and reveal vulnerable areas to focus education efforts on.
With AI predicted to amplify rather than reduce cyber risk in the coming years, ongoing vigilance will be key. Businesses must continuously review and adapt their cyber security plans. Emerging techniques like increasingly complex phishing attacks should be built into staff education and training. By regularly evaluating their strategy, companies can both strengthen their protection and potentially improve their cyber insurance cover.
As Kofie emphasised, "It's crucial for businesses to take stock of their cyber security, not only to address any gaps that might let criminals in, but also to ensure they can access full levels of insurance." With human error the largest internal threat, employee education and readiness must be the cornerstone of every company's cyber security plan.