The human factor is often either misjudged or omitted altogether when it comes to cyber security. Despite the three fundamental domains of effective cyber security being people, processes and technology, people are frequently left out of the equation. IT managers are usually more focused on protecting processes and technology than securing the easiest gateway into the company network: its employees. It just takes a single click on a malicious link in a phishing email to put the entire network at risk. Bear in mind that 156 million phishing emails are sent every day, and that it takes just one email sent to the wrong person for information to leak out. Can you imagine the loss in terms of money and reputation?
Escalation of staff-related incidents
Staff-related breaches are quickly escalating: according to a 2015 PwC survey, 50% of the worst security breaches were caused by inadvertent human error, up from 31% the previous year. In 2014, only 58% of large organisations and 22% of small to medium-sized organisations suffered from staff-related breaches, but this rose to 75% and 31% respectively in 2015. Companies are aware of this escalation. As a matter of fact, last year 72% of large organisations and 63% of small businesses invested in security awareness training for their staff (up from 68% and 54% in 2014) and continue to do so.
Empower your staff
Every member of staff is a potential victim and could jeopardise your network, leading to a cyber attack of unpredictable scope and sophistication. IT Governance has a wide portfolio of staff awareness e-learning courses specially developed to familiarise your employees with security awareness policies and procedures, and to keep them up to date with the latest cyber threats spread on the Internet.