Employees leaving businesses open to cyber attack – QBE research

Almost a third of employees have made mistakes that could impact the cyber security of their workplace, research from QBE has found.

According to the survey, these ranged from falling victim to a phishing scam (5%), accidentally clicking a link that resulted in malware being added to a work device (7%), losing or having a work device stolen (6% and 7%) to sharing passwords with colleagues (13%).

With the nature of cyber attacks constantly evolving, businesses should make sure they are regularly reviewing cyber plans to keep up. Phishing is one example where techniques by criminals are becoming increasingly sophisticated. Some 13% of employees surveyed said they would not feel confident in recognising a phishing scam.

In addition, with the rise in artificial intelligence, the majority of those surveyed (56%) said they believe AI will actually increase cyber risk rather than reduce it (12%).

Less than half of respondents say their workplace has the following in place to mitigate potential cyber risks:

• Cyber security training for employees in place (46%)
• Multifactor authentication to log on to work devices/systems (43%)
• Phishing and cyber scam simulation exercises (29%)

Commenting on the findings of the survey, Erica Kofie, head of cyber proposition for QBE Europe said: “Your employees can be your weakest link when it comes to cyber security and it is important to have an education programme in place to remind them about the risks, how to spot suspicious activity and what to do (and not do). Sporadic phishing simulations are also recommended to highlight areas of your workforce you might need to spend more time educating about the risks.”

Amongst the factors that businesses should consider are IT security, employee training and response plans. These, Kofie explained, will not only help organisations to build resilience in the face of cyber risk, but will also improve companies’ risk profiles and subsequently the level of insurance coverage – and premium – they may be offered.

“It’s crucial for businesses to take stock of their cyber security, not only to address any gaps that might let criminals in, but also to ensure they can access full levels of insurance,” she added. “As part of our ongoing dialogue with customers, we focus on being ready, and part of this includes sharing appropriate information on failed attacks, which protections worked, the vulnerabilities which have allowed cyber breaches to happen, and ways to improve security.”


Read CIR's latest Focus Feature on cyber risk and insurance, with QBE Europe.

    Share Story:

YOU MIGHT ALSO LIKE


Investec is disrupting premium finance – Podcast
Investec made waves in entering the premium finance market, where listening and evolving in response to brokers made a real difference.

Communicating in a crisis
Deborah Ritchie speaks to Chief Inspector Tracy Mortimer of the Specialist Operations Planning Unit in Greater Manchester Police's Civil Contingencies and Resilience Unit; Inspector Darren Spurgeon, AtHoc lead at Greater Manchester Police; and Chris Ullah, Solutions Expert at BlackBerry AtHoc, and himself a former Police Superintendent. For more information click here

Advertisement