IT and Employees Don’t Always See Eye to Eye on Cybersecurity

Although organisations appear to be highly concerned with cybersecurity, they often don’t follow the practices put into place to prevent a data leak. One of the reasons is that IT leaders and employees have completely different views on security measures, and another being the lack of emphasis on security risks, such as outbound threats, where data security training can often be out of date.

According to Zivver’s Freedom to Focus research, 47% of employees believe IT teams should be responsible for email security. And this isn’t the only disconnect. In fact, although 43% of IT leaders are concerned about data loss through email, preventative measures often aren’t put into place. Instead, IT leaders put a huge emphasis on inbound security threats, such as phishing, ransomware, and malware, so the severity of outbound risks can often be overlooked.

Businesses aren’t as secure as they think

Businesses often present themselves to be highly proactive when it comes to their cybersecurity needs, but unfortunately, vital security aspects can be missed. 77% of organisations don’t keep their approach to risk and email security under constant review. This means businesses are still trying to push outdated and unused security measures, such as time-consuming protocols and processes.

With both employees (81%) and IT leaders (89%) viewing email as the most secure way to send sensitive information, it is clear there is a gap in today’s data protection. Accidents like sending the wrong attachment or using ‘reply all’ by mistake are just two examples of the email mishaps that employees admit to. Without a reliable preventative measure in place, these errors will continue to occur.

IT leaders and employees aren’t seeing eye to eye

Although 85% of IT leaders say there is always a place for data security training, a third (33%) of employees don’t see any value in it. Given there is a disconnect between employees and IT leaders, it’s no surprise that the current procedures aren’t as effective as expected.

Since both IT leaders and employees agree that email is the business-essential as opposed to collaborative platforms such as Teams, Slack, or Workplace, the need to ensure it is safe is highly important. Reducing the number of IT systems and training programs is one step to a more secure digital environment, but the most important is implementing a solution that helps reduce the load.

Security shouldn’t be a burden

Businesses need to free up employee time instead of burdening them with extensive protocols. By implementing solutions that work automatically, employees will instead become empowered and less stressed. In fact, almost half (49%) of IT professionals believe that progressive risk management looks like the use of more smart technologies.

Organisations not only need to understand how their employees react to security measures, but also put more emphasis on the whole scope of security risks. To actively progress, IT leaders need to implement smart solutions that actually work, instead of relying on and burdening their employees with extensive training procedures.

With a frequent review of security practices and ensuring risk is more proactive, rather than reactive, businesses will begin to flourish as their security is no longer left to IT leaders or at the hands of busy employees.

Read the full article here


Mark Lynd (CISSP, ISSAP, ISSMP), Head of Digital Business at Netsync is Top ranked global thought leader, author, speaker and practitioner for, AI, Data Center, IoT and Cybersecurity. He has been an accomplished enterprise CIO, CTO, CISO and Board Member for several large organizations. Mark has performed speaking and thought leadership engagements for Oracle, Intel, IBM, Cisco and others. He was named an Ernst & Young’s "Entrepreneur of Year – Southwest Region" Finalist and presented the Doak Walker Award on ESPN’s CFB Awards Show to a national television audience. He served honorably in the US Army’s 3rd Ranger Battalion & 82d Airborne.

Sign Up for Our Morning Boot Cybersecurity Newsletter

Sponsored Ad

Cybervizer Recommended Book