55% UK workers not given cybersecurity training - Webroot comment
September 2017 by David Kennerley, Director of Threat Research, Webroot
The comment from David Kennerley, Director of Threat Research, Webroot on the recent news from Ponemon research that has revealed that 55 per cent of workers cannot remember receiving specific cybersecurity training.
Organisations have a tendency to focus too much on the technology aspect of cyber security, overlooking the importance of people and process. Unfortunately an organisation is only as strong as its weakest link – and in terms of security, employees are by far the weakest link. This is evident in the high profile breaches that have taken place over the past few months, highlighting the different methods attackers can use to gain access to a network. In most cases, employee training could have either prevented the attack or reduced the impact.
Technology plays an essential role in any defence, but at the same time technologies cannot stop an employee giving their details out over the phone to someone they believe is from the IT department. And it cannot stop an employee using their corporate password for on their favourite social media sites or writing down their hard to remember passwords. Relying purely on technology as an organisation’s only form of defence is extremely short-sighted. Instead organisations should look to give employees the help that they need to become more security literate as well as make use of technology, a dual approach for a successful strategy.