Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search

 

Research Reveals Big Difference Between How Employees And IT Decision Makers View Cyber Security

The ‘human factor’ has long been a weak link when it comes to cyber security.

Businesses can have the best protection available, but if a staff member unknowingly lets a cybercriminal into the system then it won’t matter.

Independent research commissioned by Aura Information Security reveals staff are not as secure as their IT managers may think.

While 62 percent of New Zealand businesses say they carry out security training exercises with their staff, only 37 percent of Kiwis say they have received training on good cyber security practices[1].

This disconnect is further emphasised by password practice. Most[2] IT managers encourage all staff to use a password manager to ensure the most common password mistakes aren’t made. However, it doesn’t appear staff are taking this advice with one third[3] of employees admitting to reusing the same passwords across both work and personal devices and accounts.

Hilary Walton, Kordia Chief Information Security Officer, says this is something New Zealand businesses need to address right away.

“Cybercriminals ran rampant in 2020 and it’s only getting worse. New Zealand businesses are becoming more aware of the risks, but many aren’t doing enough to protect themselves. These businesses may have gotten lucky by not being targeted yet, but with more and more attacks happening each day, it’s only a matter of time.

“A good place to start is properly educating staff because it’s incredibly easy for complacency and cyber fatigue to set in. This shouldn’t just consist of a one-off cyber security lesson which is quickly forgotten, but constant reminders and check-ins to ensure best practice is being followed. Reducing human errors will significantly strengthen your cyber defence.”

Poor password practice isn’t the only issue making Kiwi businesses vulnerable to attacks. Organisations are also at risk from delayed software updates and a lack of care with dodgy links and attachments.

Almost a third[4] of Kiwis don’t update their work computer or smartphone as soon as software updates become available. Walton says this is an opening that hackers can easily exploit.

“It’s also concerning to see 20 percent of New Zealanders only sometimes check links to ensure they’re legitimate. This is something we need to do 100 percent of the time. The fact that 17 percent of respondents said they’re not confident they could even tell the difference between a legitimate email and a fake emphasises the need to educate staff without delay.

“Sometimes it’s not even the staff member who clicks through to a dodgy link and lets malware into the system. The survey shows 15 percent of parents let their children use their work devices, further increasing the likelihood of a mistake being made.”

The research also revealed employees vastly underestimate how often their workplace is targeted by hackers with an alarming 25 percent thinking their work isn’t targeted at all. The reality is in the last 12 months, half[5] of Kiwi businesses were affected by 1-10 ransomware attacks and a further 35 percent were affected by 11 or more.

“After a year like 2020, the last thing our businesses need is to deal with a cyber-attack shutting systems down or stealing sensitive information. I’d suggest all Kiwi businesses make it a 2021 goal to strengthen their cyber security and educate their staff. This needs to be made a priority as soon as possible.

“It’s also important to create a culture where staff feel comfortable to come forward if they think they may have clicked the suspicious link or attachment. The sooner the IT department knows about an issue the better. Hackers are known to lie dormant once they get access to a system, waiting for the opportune time to strike to do as much damage as possible. If you’re unsure, it’s always best to let the IT team know,” concludes Walton.

Four tips to reduce your cyber risk right now:

  1. Run a password manager workshop to show your team how easy it is to use unique passwords across applications.
  2. Chances are you started using work collaboration tools a whole lot more during lockdown. Make good use of these by communicating your organisation’s key security messages on a regular basis. Simple ‘tip of the day’ type messages can work well.
  3. Teach your team how to easily update smartphone apps in one hit. This is important because all apps encounter vulnerabilities, such as the one WhatsApp announced earlier this year which was exploited by remote attackers.
  4. Explain how to spot ‘phishy’ emails. Run a mini workshop or make use of the many great resources available online, for example Kordia’s CyberWise module.

[1] 62% of IT decision maker respondents said they carry out employee cyber security training exercises, while 37% of employees said they received training on good cyber security practices from their company.

[2] 65 percent of IT decision makers encourage employees to use a password manager

[3] 32 percent of respondents said when logging into apps, computers, or websites that they reuse the same passwords on both work and personal accounts or devices

[4] 31 percent of respondents say they don’t update their smartphone and computer they use for work the moment updates become available

[5] 51 percent of IT decision makers say they estimate they are affected by 1-10 ransomware attacks per quarter

© Scoop Media

 
 
 
Business Headlines | Sci-Tech Headlines

 

Police: Counterfeit Banknotes - Businesses Urged To Be Aware

Wellington Police are asking businesses to be on the lookout for counterfeit money, after fake $50 and $100 banknotes were presented at businesses recently. While Police are making enquiries to establish the source of these banknotes, a person has been ... More>>

Frog Recruitment: Kiwi Workers Reluctant To Make Business Trips Across The Ditch Despite Trans-Tasman Bubble Opening

When the trans-Tasman travel bubble opens today, many Kiwi companies won't be rushing to buy an air ticket, reluctant to cross the ditch to do business. The latest survey conducted by leading recruitment agency, Frog Recruitment of nearly 1,000 New Zealand ... More>>

Tourism: Employers Welcome Back Working Holidaymakers

Tourism businesses gearing up for the return of Australian visitors from next week will be relieved to learn that they will also have access to an offshore pool of much-needed job candidates, Tourism Industry Aotearoa says. Tourism employers around ... More>>

Commerce Commission: Latest Broadband Report Confirms Improved Performance Of Premium Fibre Plans

The latest report from the Commerce Commission’s Measuring Broadband New Zealand programme shows that the performance of Fibre Max plans has improved substantially. This follows a collaboration between the Commission, its independent testing partner, ... More>>


Travel: Air New Zealand Celebrates Busiest Day Since COVID-19

Today is shaping up to be the biggest flying day for the airline since New Zealand closed its borders due to COVID-19. Air New Zealand General Manager Customer Leeanne Langridge says around 42,000 customers will be travelling on nearly 520 Air New Zealand ... More>>

Stats NZ: Prices For Transport And Housing Rise In March 2021 Quarter

Higher prices for transport and housing led to a 0.8 percent lift in the consumers price index in the March 2021 quarter, Stats NZ said today. Prices for getting around rose in the March quarter. Transport prices rose 3.9 percent, the biggest quarterly ... More>>

Stats NZ: New Report Shows Impact Of Demands On Land In New Zealand

A new environmental report released today by the Ministry for the Environment and Stats NZ, presents new data on New Zealand’s land cover, soil quality, and land fragmentation. The land cover data in the report, Our land 2021 , provides the most ... More>>

ALSO: