Just 8% of U.K. Firms Offer Regular Security Training



UK_Flag_shutterstock_1054452542A majority of UK businesses are failing to adequately train their remote working employees to spot security threats, according to new research from iomart.

The cloud services company based its Cyber Security Insights Report on the views of 1167 UK workers at C-level, director, manager and employee level. It found that over a quarter (28%) of their employers offer no cybersecurity training for the distributed workforce, while a further 42% do but only to select employees.

Of those who were offered training, 82% claimed that it was a short briefing rather than something more comprehensive. Less than a fifth (17%) said they had regular training sessions.

That means, overall, just 8% of those surveyed receive regular security training.

This comes at a time when threats are on the rise. A fifth (20%) of those surveyed reported seeing an increase in cyber-attacks as a result of working remotely.

Cyber-criminals have been targeting remote workers with phishing emails often themed with COVID-19 lures, as well as vulnerabilities in VPN infrastructure and insecure RDP endpoints that can be easily brute-forced or their credentials bought off the dark web.

The number of RDP ports exposed to the internet grew from three million to 4.5 million in the period from January to March 2020, according to McAfee research released in May. Bill Strain, security director at iomart, warned that organizations still aren’t placing security and data protection at the top of their priority list.

“They need to understand what the potential threats are and build resilience into their business strategy so they can react quickly and maintain operations if their IT systems are compromised,” he urged.

“Many businesses would not survive the operational — let alone financial — impact of a data breach. By understanding the potential risk and introducing positive behavior around cyber awareness, they have a much better chance of surviving an incident.”

Remote workers are thought of as a potential cyber risk as many may be more distracted at home and likely to click through on phishing emails, whilst their devices may not be as well protected as corporate equivalents.

This is a cross-post with grateful acknowlegment to InfoSec Magazine. Full story here:
https://www.infosecurity-magazine.com/news/just-8-of-firms-offer-regular/


Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/phishing-security-test-offer



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews