SPOTLIGHT ON
47% of marketing businesses have not trained employees against cyber threats
C
yber security remains one of the most challenging issues for business owners – large and small. And it seems data breaches cost UK enterprises an average of $3.88million per breach – according to IBM. And considering much of the global workforce is now remote, it has never been more important for employees to be cyber aware. Specops Software recently found that Clickjacking is the most common form of hacking in education at 66%. Whilst Phishing was extremely prevalent among other key industries at 71%. This prompted Specops Software to investigate the industries without sufficient cyber security training by surveying 1,342 businesses across 11 sectors across the UK. Results Business Sector
% of businesses that have not sufficiently trained employees against cyber threats
Travel and Hospitality
84%
Education and Training
69%
Customer Service
56%
Marketing, Advertising and PR
47%
Medical and Health
42%
Creative Arts and Design
37%
Computer and IT
30%
Charity and Voluntary Work
29%
Accountancy, Banking and Finance
23%
Recruitment and HR
19%
Legal Services
16%
sufficiently against cyber threats – a worrying statistic as breaches compromise student and staff safety. In fact, cyber attacks have been increasing year-on-year as more instances are reported, with four key reasons attackers target educational institutions: DDoS attacks, Data theft, financial gain, and espionage. Other key industries that have not provided sufficient training include Marketing, Advertising and PR (47%), Medical and Health (42%) and Charity and Voluntary Work with 29%. Understandably, the sectors with far more stringent cyber security training processes include Legal Services (16%) and Recruitment and HR (19%). Specops also sought to find out if the level of cyber security training had changed since the beginning of COVID-19. Out of the 1,342 respondents, the results revealed the following: ■ I have been trained a lot more since COVID-19 – 21% ■ I have been trained a little more since COVID-19 – 37% ■ I have not been trained since COVID-19 – 42% Business Sector
% of businesses that have since implemented cyber security training sessions since COVID-19
Education and Training
76%
Medical and Health
65%
Computer and IT
39%
Travel and Hospitality
37%
Customer Service
23%
Creative Arts and Design
22%
On average, just 41% of employees across all sectors surveyed have not been provided adequate cyber security training.
Charity and Voluntary Work
15%
Marketing, Advertising and PR
13%
It is perhaps unsurprising that those working in Travel and Hospitality have not been adequately trained against cyber threats (84%). It comes after EasyJet was recently targeted in a serious cyber-attack whereby email addresses and travel details for around 9million customers was breached.
Legal Services
13%
Accountancy, Banking and Finance
10%
Recruitment and HR
8%
In second place is Education and Training. 69% of respondents who work in this industry claim they have not been trained
Continued on next page
The Bill of Middlesex | 11
