British companies failing at basics of IT security

A survey of 1,253 UK workers in full or part-time employment, carried out by technology services provider, Probrand.co.uk, has revealed that investing in new and expensive technology, whilst not considering the most basic of security steps, is potentially widening companies’ vulnerabilities to cyber-attacks, which cost UK businesses millions annually.

43% of the surveyed workers, who all use IT systems in their workplace, said their company has invested in new cyber security products and services during the past year - but the data shows employees themselves are risking this being undermined through sloppy security practices.

Worryingly, 67% said they have a basic password (such as a single word or simple consecutive numbers) at work. Meaning they could easily be guessed or hacked.

A further 63% admit that they do not change their password regularly. And in fact, almost 1 in 2 (46%) say they have never changed their password since they began working at their company.

The data also revealed that more than 1 in 3 (37%) of UK workers report to having used unsecure network connections (e.g. using public wi-fi or tethering to mobile phones) when working remotely.
And so it’s hardly surprising that previous Probrand research recently found that 43% of UK businesses have suffered a cyber breach or attack in the last 12 months.

Matt Royle, marketing director at Probrand comments: “When workers are failing to take the most basic steps to protect their company’s networks and data, it undermines the money that is being invested and the work that is being put into maintain cybersecurity on a more sophisticated level.

“Our findings have shown that a shocking number of UK businesses are struggling at the very basics, so we would encourage business leaders to monitor and regulate even the simple cybersecurity practices. Writing protocols into company handbooks and employee contracts are just some ways of doing this. As the data shows, as only 37% of employees regularly change their password, it’s clear that some internal training is needed here.”