Saturday, Oct 20, 2018 | Last Update : 09:08 PM IST

Only 12 per cent of employees are fully aware of their organisation’s IT security policies

THE ASIAN AGE
Published : Jan 14, 2018, 11:39 am IST
Updated : Jan 14, 2018, 1:19 pm IST

Just one-tenth of employed respondents are fully aware of the IT security policies and rules set in the organizations they work for.

The study of 7,993 full-time employees which asked about policies and responsibilities for corporate IT security also revealed that 24 per cent of employees believe there are no established policies in their organizations at all.
 The study of 7,993 full-time employees which asked about policies and responsibilities for corporate IT security also revealed that 24 per cent of employees believe there are no established policies in their organizations at all.

A lack of IT security awareness remains a worrying reality for businesses around the world, according to a recent study of consumers conducted by Kaspersky Lab and B2B International.

The research found that just one-tenth (12 per cent ) of employed respondents are fully aware of the IT security policies and rules set in the organisations they work for. This, combined with the fact that half (49 per cent ) of employees consider protection from cyber threats a shared responsibility, presents additional challenges when it comes to setting the right cybersecurity framework.

The study of 7,993 full-time employees which asked about policies and responsibilities for corporate IT security also revealed that 24 per cent of employees believe there are no established policies in their organizations at all. Interestingly, it seems that ignorance of the rules is no excuse, as around half (49 per cent) of the respondents think all employees, including themselves, should take responsibility for protecting corporate IT assets from cyber threats.

This discrepancy could be particularly dangerous for smaller businesses, where there is no dedicated IT security function and responsibilities are distributed among IT and non-IT personnel. Neglecting even basic requirements, such as changing passwords or installing necessary updates, could jeopardize overall business protection. According to Kaspersky Lab experts, top management, HR and finance specialists who have access to their company’s critical data are usually most at risk of being targeted. 

To deal with this problem, small and medium-sized businesses would benefit from regular IT security awareness training for staff and from products tailored to their specific needs. For example, Kaspersky Endpoint Security Cloud includes features such as preconfigured security settings, immediate protection across all devices and easy management capabilities that do not require in-depth expertise from its administrator, thereby reducing the burden on overstretched IT teams.

Kaspersky Lab’s SMB portfolio includes products that cover the various needs of very small, small and medium-sized businesses. Smaller businesses would benefit from the combination of powerful protection and ease of management in Kaspersky Small Office Security and Kaspersky Endpoint Security Cloud, while larger companies may find more use in the advanced security settings and targeted applications for enhanced mobile, server and email protection found in the Kaspersky Endpoint Security for Business suite.

Tags: cybersecurity, cyberattack, online threat