INTELLIGENT BRANDS // Enterprise Security
One person in four risks sharing confidential workrelated information
KnowBe4 Research reveals the results of a survey that found that nearly a quarter of employees are unsure whether the information they are working with is confidential or not .
A new survey carried out by KnowBe4 Research shows that nearly a quarter of employees are unsure whether the information they are working with is confidential or not .
KnowBe4 Research investigates the IT security culture of companies worldwide . They carry out continuous surveys to see how companies and organizations handle IT security and training . in other areas . Unfortunately , IT security is equally important for everyone , regardless of business sector .”
A great many workplaces include non-disclosure agreements , specifying what can and cannot be shared , in their employees ’ employment contracts .
“ These figures indicate that the issue has generally not been properly explained to or followed up with employees ,” said Roer .
“ When someone starts a new job , they are given access to a lot of information . It is the manager ’ s responsibility to follow up and ensure that their employees are confident in their role and know how to handle the information they encounter .
New figures show that 24 % are unsure whether the information they are working with is confidential or not . This means that information that ought not to be shared with others outside the organization risks leaking out , without the employees being aware of the hazard .
“ Managers have a responsibility to train their staff to treat the information they are working with in a good way . That as many as a quarter of employees are unsure about this indicates a considerable failing in many companies ,” said Roer .
If confidential information falls into the wrong hands , it could harm the company in a variety of ways . Some information could be market sensitive , some could impact the organization ’ s reputation or breach data privacy regulations , while leaked log-in information could give cybercriminals access to business-critical internal systems .
“ It is equally important to ensure that employees handle confidential information correctly as time goes on . It is not enough just to provide training when people join the organization .”
Constant follow-up and training in the practice of IT security is needed to refresh employees ’ awareness and keep them up-to-date .
“ Cybercriminals are working constantly to develop more cunning methods of attack . In addition , things can happen within the company to change the situation , which employees must be made aware of ,” said Roer .
The survey was carried out by KnowBe4 Research . A total of 408,929 respondents worldwide took part in the survey . p
There are considerable differences between different business sectors . In the construction , education , transport and retail sectors , as many as 34 %– 35 % say they are unsure about the status of the information they are working with .
In banking and finance , the proportion is down at 16 %.
“ We also see the same tendency in the annual security culture report . Sectors like banking and finance are , on the whole , more used to dealing with confidential information and probably have better routines and procedures for this ,” said Roer .
“ We see a clear link between the various aspects of security culture . The organizations that do well in one area , generally also do well
68 INTELLIGENTCIO APAC www . intelligentcio . com