Employee negligence and poor security habits are causing data breaches

Attackers are always looking for ways to gain access, and employee negligence is one of the most common ways they get in.   It is critical that each employee is aware of the threats they face and adopts best practice habits to protect them from a breach.

While annual awareness training is a key part of this goal, an on-going awareness marketing and communication plan is key to user-level culture change and adoption of these secure habits. Refresher courses, posters, newsletters and mini-modules on security best practices and recent scams reiterate the importance of security and foster a culture where being secure is part of everyday life.

Is it really that important?

“Negligent insiders and malicious attacks are the main causes of data breach. Thirty-nine percent of organizations say that negligence was the root cause of the data breaches,”Symantec’s recent data breach report found within their reported breaches.

Ponemon Institute’s recent survey found the following in regard to the risk of annual fraud:

  • According to 74 percent of respondents, an employee’s malfeasance has caused financial loss and possibly brand damage
  • On average, organizations have had approximately 55 employee-related incidents of fraud in the past 12 months (with this report published February 2013).
  • Contributing to the insider risk is BYOD, employee access of enterprise systems from remote locations and lack of security protocols over edge devices.

These numbers emphasize the importance of a security training program in your organization. Check out our security awareness training and complete compliance solution here.