When we relay this message at talks and keynotes, the room typically looks indignant. “Not in our business,” we hear, and “our team would never be so malicious”. But malicious behaviour only counts for a tiny fraction of all employee-related breaches. The vast majority come down to a lack of awareness and poor communication from the top.
Designing out negligence
According to the 2020 State of Privacy and Security Awareness Report, only 27% of employees could identify at least two warning signs that malware has infected their computing platform. A general lack of awareness surrounding data security and privacy is an ongoing issue. An employee’s bad habits can lead to these data breaches.
These include:
- Lost IT equipment
- Computers left unlocked or unattended
- Passwords shared via text message or WhatsApp
- Paper notes left on desks
- Working from home or in public on an unsecured Wi-Fi connection
This last habit is especially troubling, considering that more than two-thirds of UK businesses plan to continue offering remote working or hybrid arrangements.