Addressing poor cyber-hygiene and business-wide cybersecurity practices is essential to mitigating the risks data breaches.
In recent months, intelligence experts and former government officials have warned that members of the UK government have risked “wild west” conditions when it comes to conducting matters of national security via personal devices and email accounts.
Alarmingly, some of these unsecured communications have reportedly been hacked by overseas agents.
While the stakes are extremely high for government and public officials conducting sensitive business in this way, the same is also true for all organisations, whether in the public or private sector. Indeed, poor cyber-hygiene and business-wide cybersecurity practices risk exposing businesses to data breaches and are significant gaps that must be addressed in 2023.
Data breaches are one of the most serious security problems faced today. Yet many organisations are not doing enough to protect their employees’ data and educate them on cyber threats in order to combat them. In fact, our own research has found that 54 per cent of employees are not required to go through cybersecurity training on a frequent basis and nearly 57 per cent of respondents admitted to using a work-issued device for personal use over the last 12 months. What’s more, a significant amount of workers report having broken or lost their devices, which are commonly used to authenticate corporate business accounts.
Furthermore, the majority of employees still rely on the most basic forms of authentication as their primary method to authenticate into their accounts, which have been proven to be ineffective against today’s most common credential-stealing tactics. For example, passwords are prone to scams such as phishing, password spraying, and man in the middle (MitM) attacks, making them the least effective method of securing online data.
