Employees 'dodge' cybersecurity responsibility

New research shows that when it comes to company’s cyber security, the majority of employees (81%) believe it’s the IT department’s responsibility to ensure it.

Terranova Security by HelpSystems, a global leader in security awareness training, has published the results of a study that showcases the level of cyber security awareness among workers in the UK, France, U.S., Australia and Canada.

 

The study, conducted in partnership with research company Ipsos, surveyed 500 UK employees. It concluded there is confusion among employees over who is responsible for protecting company data. Despite the fact that human error causes 95% of cyber issues, 81% of UK employees believe it’s the IT department’s responsibility.

 

In addition, 1 in 4 employees do not think cyber security is necessary for them, and 18% believe they can’t be targeted at all by cybercriminals. The findings come at a time when the danger from a data breach is at an all-time high – businesses suffered 50% more ransomware attacks in 2021 compared to 2020. As of 2022, the average cost of a data breach to a large organisation increased to $4.35 million.

 

The research also highlighted that UK businesses aren't doing enough to support their employees when it comes to providing education on common cyber threats and security best practices. Only 42% of employees say they work in a company where cyber security awareness training is mandatory. Of the 44% who haven’t participated in any cyber security training, nearly a third (31%) indicated that their company doesn’t offer any relevant training.

 

These low training rates aren’t due to a lack of interest from employees, as 76% believe cyber security training is interesting, and 56% have started or completed the training when it’s offered to them.

 

“It’s concerning to see such a high percentage of employees who believe a company’s cyber security is not their responsibility – especially in larger organisations,” said Theo Zafirakos, Chief Information Security Officer, Terranova Security. “It’s clear that many British businesses have room to grow security awareness training strategies, especially in the face of rising cybercrime. Our research also shows there’s still quite some work to do on educating people about the important role they play in protecting data at work. These people are the first line of defence against any cyber-attack, and on a positive note, our research demonstrates a strong appetite for learning more about it. By taking responsibility to invest more in education and build a security-aware culture around data protection within the business, companies will set up a powerful barrier against any cyber threats.”

New integrations, broad marketplace access empower customers using cloud, security, and...
Expanded platform offers new approach to detecting and prioritizing risk, starting with...
New AI-powered digital agents accelerate identity security operations and decision-making.
New collaboration delivers powerful automation to streamline workflows and enhance backup...
New Palo Alto Networks data shows 82% of UK organisations confident in their use of AI, despite AI...
MIT researchers crafted a new approach that could allow anyone to run operations on encrypted data...
CyberArk has released its 2025 State of Machine Identity Security Report, revealing that machine...
Strategic software upgrade drives sustainable business growth through improved user experiences,...