88% of UK data breaches ware caused by human error, not cyber-attacks. These were the findings in research carried out by Kroll, a global provider of risk solutions, using data obtained from Information Commissioner’s Office (ICO). They also reported that the ICO had seen a 75% increase in reports of data breaches over the last 2 years.
A data breach is bad news and the last thing your business needs. Alongside the risk of fines by contravening GDPR, there is also the risk of potential downtime and costly disruption.
Implementing the right technology is one aspect of cyber security but following structured data processes and training staff is another vital part and given the statistics, perhaps the most important.
Your data is in the hands of your employees, but if anything were to happen to your data, the buck stops with you. You can’t monitor online activity 24/7, but with training and having the right systems in place, you can minimise your risks.
Where do your data vulnerabilities lie?
Phishing Emails: Raise awareness in phishing emails and educate users on how to spot fake emails. Create a positive security culture where it’s okay to double check information and encourage people to think before they click.
Email Distribution: 37% of the reported data breaches were as a result of misdirected emails; people sending sensitive information to the wrong recipient. Another common mistake is to “cc” in recipients rather than “bcc” which then exposes email addresses.
Passwords: Despite public awareness campaigns around the importance of strong passwords, the top 3 most common passwords in 2018 remain 3 of the easiest to guess – 123456, password and 123456789. Weak passwords are a door opener for hackers and people need to be educated on the importance of a strong password, even if they aren’t the easiest to remember!
Other common vulnerabilities include the use of mobile devices in the workplace and people browsing and clicking on unsecure or malicious websites.
Data breaches are rarely an act of intentional malice, but simply a case of being uninformed.
Raising staff awareness does not mean having to organise costly training programmes. HBT supports many clients with training and we have access to a range of online resources which includes interactive training programmes. These are straightforward to set up and enables you to monitor who has participated and how well they did.
We have also created a Security Hub which includes useful articles and posters for you to print out and display around your workplace. Register here to access our Security Hub.
To find out more, contact us on 02476 867 422 or
click here to register for a free security review.