Half of Aussie businesses have seen increase in data threats
Half of Australian businesses have seen an increase in internal threats or data leaks in the last 12 months, according to new research by email security and cyber resilience company Mimecast.
Coinciding with the kick-off of National Privacy Awareness Week, which runs from 2 – 8 May, Mimecast also revealed that 47% of Australian companies are concerned about the risk that security nave employees pose to their businesses.
Given that the theme of the week is “Privacy: The Foundation of Trust”, Garrett O'Hara, field chief technologist, Mimecast says that it is a timely reminder of how people are being bombarded more than ever, with news and information across various sources.
When this is combined with working from different locations, it is easy for individuals to slip up or fall victim to malicious activity that can cause all manner of security nightmares for a company.
“In research we conducted in 2021, we found that over one in five of Australians had experienced a privacy incident at work and we expect this pattern to continue through 2022,” says O'Hara.
“While there is a lot more work to be done, we're seeing Australian companies start to understand they need to be constantly training and educating staff on how to keep their privacy – and the privacy of their employee's data and that of their customers – safe.
Mimecast's recent survey showed that only 23% of Aussie employers provide ongoing cyber awareness training for employees, but it is becoming more of a focus with 85% of businesses offering training at least once a quarter.
At a time when cyber threats are increasing and becoming more complex, O'Hara commented that all businesses – from SMBs to large corporations – need to make sure the foundations of their cybersecurity are sound, including regular, engaging training alongside the right technology.
“Businesses need to heed the wakeup call – Australian workers are distracted, remote-working sitting ducks, which leads 8 out of 10 organisations to believe their company is at risk due to inadvertent data leaks by careless or negligent employees,” he says.
O'Hara offered some simple tips for businesses and staff to follow this Privacy Awareness Week and throughout the year:
- Balance trust with a healthy dose of caution – if an email or message through other communication looks off, don't' open it. Report it to your IT team straight away.
- No one ever died of embarrassment – if you accidentally open a dodgy link or send information to the wrong person, report it. Any organisation worth its salt will encourage such reporting and remember, every minute counts when it comes to minimising the fallout of a privacy slip-up
- Think before you share anything online – be it an email, too much information on social media or your credentials on a website. Sharing isn't always caring.
- Training – don't make it a snooze-fest. Especially with much training now happening remotely, it needs to be engaging so people attend and take it in. Balance regularity with some light humour
- Encourage people to speak up – nearly a quarter of Aussies who don't report a privacy incident stay silent because of embarrassment. Create a culture where people feel they will be supported if they report an incident.
- Refresh – cyberthreats are constantly evolving, so even when policies, technology and training are in place, they need constant updating to stay ahead of the game.