Many employers not taking cyber security seriously

9 in 10 IT decision-makers claim employers compromise on security in favour of digital transformation, productivity

Many employers not taking cyber security seriously

There was a 150-per-cent year-over-year ransomware surge in 2020.

This is a huge concern, especially because 80 per cent of organizations globally now have a hybrid cloud strategy and 92 per cent have a multi-cloud strategy, according to a report from Trend Micro.

And the average cost of a breach today now exceeds $4.2 million.

But it appears employers are not taking this issue seriously. In fact, 90 per cent of IT decision-makers claim their organization would be willing to compromise on cyber security in favour of digital transformation, productivity or other goals, according to the report.

Nearly nine in 10 (86 per cent) tech leaders have suffered a cybersecurity breach, according to a separate report released in June.

Compromise over security

Only 50 per cent of IT leaders believe the C-suite completely understands cyber risks. Why? Because board members either don’t try hard enough (26 per cent) or don’t want to understand (20 per cent), finds Trend Micro.

Even worse, 82 per cent of IT decision-makers have felt pressured to downplay the severity of cyber risks to their board.

Over three-quarters (76 per cent) of IT teams admit security has taken a backseat to business continuity amid the COVID-19 pandemic. And 91 per cent have felt pressure to compromise security for business continuity, according to another report from HP.

And 49 per cent of respondents claim that cyber risks are still being treated as an IT problem rather than a business risk, according to the Micro Trend survey of 5,321 IT decision-makers from 26 countries.

Many also suggest that the only way the C-suite will actually sit up and take notice of cyber security is if the organization suffers a breach (62 per cent) or if customers start to demand enhanced security (61 per cent).

Remote office security

[A] data breach is a revenue monster that no organization/person wants to encounter,” says Donal O' Mahony, CEO of Cyber Security Ireland on LinkedIn, adding that there are several factors to look into, especially in the current world of work.

“Careful attention has to be paid to the security of the remote office. Home offices [are] filled with IoT-connected devices: speakers, exercise bikes, wall outlets, televisions. If any of these devices have a back door or malware installed, it could compromise the home office environment. Careful attention needs to be paid to the home office security and the business devices and connections of the remote office.”

Employers must also not overlook physical security as this can be a window used by cybercriminals, he says.

The end goal is to build a culture of security by design, says Trend Micro, “where awareness of cyber risk is built into every business process, and the behaviour of all employees. It won’t be an overnight journey, but the stakes are too high to ignore the challenge.”

There are several risks for employers with so many employees working from home, says one expert.

Latest stories