Cyber Security…it affects us all

Cyber Security…it affects us all

Recruitment agencies carry a lot of data - both personal and professional - about their candidates and clients. The security of such data – across every industry, not just recruitment - is an increasing concern as technology marches ahead in Recruitment Website Design.

The risk of a new employee making what could be a significant data breach (however unintentionally) is very real, particularly if you take into account the findings of a report from Manchester-based tech company Evaris. Their study shows that two-thirds of the employees surveyed were never given basic IT or cyber security training when they joined their employer. Given the vast range of roles that don’t seem to rely on a computer, this may not seem too shocking a statistic. However, of these employees surveyed, a staggering 86% say they use computers within their roles every single day.

Dave Rogers, Senior Account Manager and Security Specialist at Evaris says: ‘There seems to be a widespread assumption among businesses across the board that new employees have at least a basic knowledge of IT and IT security. However, this assumption can be incredibly dangerous and potentially catastrophic. Time and time again we hear from clients who strongly believe the biggest threat to their IT security are the users operating within their infrastructure - and very often, it is a lack of basic IT skills that are putting the business at risk of security breaches.

‘Businesses in all sectors should, as standard, ensure they provide mandatory IT training - carried out by the IT department - to new starters within the first month to ensure they are able to carry out their work on the company’s network without exposing the organisation to security risks.’

It appears that few CEOs appreciate the gravitas of a data breach threat; many place IT security at the bottom of their list of priorities. Only 11% of employees felt their managers took IT security seriously.

Experts pit the average global cost of a single data breach to an organisation as $3.86 million and it’s said that ‘there are more breaches in the UK than rainy days’. Many of these breaches are not as a result of evil hackers but of employees not following correct procedure. Often, they stem from simple, avoidable actions and a lack of basic cyber security knowledge.

New employees, in particular, are often not told who they can share data with (i.e. appropriate third parties); they’re not given the correct tools to keep data secure, and they’re not educated on how to deal with simple threats such as phishing emails – yet the fallout from these actions could prove catastrophic to their employer. A penalty/fine from inappropriate data sharing, outsiders easily able to breach security, a virus that could stop production completely, not to mention the impact on a brand’s reputation…these are truly serious outcomes, so it’s difficult to understand any decision-makers’ apathy concerning basic IT security.

Cybersecurity company Wombat suggests organisations rely on their Cyber Security team to ward off threats; however, the team at Wombat say a company’s real defence should be the training of all employees on the basics of IT security, as the experts can only do so much to prevent breaches and attacks.

The consensus is clear: basic IT security training should be mandatory for all employees, and especially newcomers, with regular updates to account for new threats and how fast technology advances. Cyber security training should be continual and not a one-off.

Some employers believe recruiters should carry out basic cyber security training before sending candidates to their doors; they report that although new employees claim they’re sufficiently briefed about cyber security practices, this is not the case in reality.

Where do you think the responsibility lies: with the employer, the recruitment agency, or the candidate themselves?

Compatible with:broadbean compatible recruitment websites

logo 1

idibu compatible recruitment websites