Employees the largest source of threats, either intentionally or by accident
Despite the risks, fewer and fewer companies are investing in cybersecurity training for workers.
Only 40 per cent plan to offer this type of training this year, found a survey by IT company NOVIPRO.
This is down from 42 per cent in 2020 and 51 per cent in 2019.
While cyber crime is rampant these days, nearly four in 10 Canadians say they don't receive any cybersecurity training at work, according to a separate survey.
However, 56 per cent of organizations that were targeted by malware have paid the amounts requested by cybercriminals, and 43 per cent of respondents are more concerned about a breach since the introduction of hybrid work, finds the NOVIPRO survey of 491 respondents in October 2021.
There was a 150-per-cent year-over-year ransomware surge in 2020, according to another report.
“I am very concerned that so many organizations are paying a ransom. Companies need to be proactive in preventing cyberattacks, otherwise the impact will be devastating to them and their customers,” says Yves Paquette, co-founder and CEO of NOVIPRO.
“If organizations invested even a fraction of the potential cost of an attack, they could easily put systems in place to guard against such fraud. In the physical world, you’d employ a detachment of guards to protect something with a seven-figure value, however, there still seems to be a disconnect when the ‘something’ is digital.”
Employees often to blame
Companies that are victims of cyberattacks admit that employees are the largest source of cyber threats (53 per cent), either because they are motivated by malicious intent (31 per cent) or they unintentionally trigger an attack by clicking, for example, on a fraudulent link (22 per cent).
This prompts most organizations (76 per cent) to take the time to review their security practices, whether it's by providing training to employees (32 per cent), developing a telecommuting policy (31 per cent) or investing in software (29 per cent).
Companies are also forecasting less technology investment in the next two years (80 per cent) compared to 2020 (88 per cent). Investment plans in advanced data analytics and artificial intelligence are also declining, falling to 18 per cent in 2021 from 29 per cent in 2020.
Canadian HR Reporter recently spoke with an expert for five tips on cyber security.