As a result of home and hybrid working, it’s increasingly apparent that many organisations have lost control of data. A recent report by IDC found that 37% of global organisations have experienced a ransomware attack or breach that blocked access to systems or data in the last 12 months. Cyber-attacks are only set to increase if companies do not act urgently to provide their people with the skills to mitigate and manage this risk.
The approach that a lot of companies take – annual standardised compliance and data training - is no longer fit for purpose. Today, it’s clear that businesses require digital-first mindsets to be successful beyond the pandemic. What’s more, IBM’s recent Cost of a Data Breach Report 2021 also found that the average cost of a breach was USD 1.76 million less at organisations with a mature ‘zero trust’ approach compared to organisations whose approach to information security assumes a data breach won’t occur.
Successful cyber-attacks can cause major damage for businesses, effecting the bottom line as well as the business’s overall standing and customer trust
The whole picture: the human error in cyber security
According to the latest UK Government’s Cyber Security Breaches Survey, between 90% and 95% of all cyber security breaches occur as a result of human error (though this does not come as a surprise to many who work in IT security). Human error is continuing to play a heavy role in the common security incidents businesses are faced with today. However, many fail to recognise this fact when thinking about the future of their security strategies.
Common cyber-attacks on businesses include ransomware, malware as a service (MaaS), denial of service (DoS) and distributed denial of service (DDoS) attacks. As cyber criminals are getting smarter, today’s businesses must fight emerging threats while not losing sight of cyber security basics. This includes ensuring current and new employees do not cause additional vulnerabilities to the entire corporate network.
Successful cyber-attacks can cause major damage for businesses, effecting the bottom line as well as the business’s overall standing and customer trust. In the ideal workforce, all employees would recognise this modern threat and adapt accordingly to minimise long-term risks as they begin to unfold. UK businesses today are not placing enough emphasis on training that re-educates employees on evolving cyber security risks, complements any existing security awareness training, and increases knowledge of how to reduce the impact of an attack.
To combat cyber-attacks and support the personal development of all employees, businesses should invest in data literacy and data apprenticeship programme
In fact, many UK workers have never received any form of information security training from their employers, even though the majority of workers, especially in the current hybrid-working world, work from computers every day as a part of their jobs. For example, employees with local administrator rights commonly disable security solutions on their computers and let viruses spread to the entire corporate network. This is an issue that can easily be resolved by educating all employees on cyber-security basics.
To combat cyber-attacks and support the personal development of all employees, businesses should invest in data literacy and data apprenticeship programmes. This will provide employees with the long-term data skills businesses so desperately require in the new working world.
Understanding the value of data analytics and techniques such as predictive analytics is crucial to instilling a questioning culture, employing applicable leadership qualities and gaining a company-wide handle on risk. We do our organisations and employees a huge disservice when we restrict data analyst and IT security skills to a singular team at the back of the office.
The data-driven organisation
The UK Data Skills Gap is not a new phenomenon, though the amount of data created and captured worldwide is forecasted to soar in the coming years. This makes it even more vital for businesses to understand the material at their disposal; with big data analytics and artificial intelligence set to play a leading role in how businesses manage cyber security and deliver a first-party data collection strategy simultaneously.
A digital-savvy workforce is no longer a nice-to-have. In the data revolution, it’s a minimum requirement to compete
Investing in data – infrastructure, skills, and culture can directly improved overall productivity and efficiency. This can lead to faster and more effective decision making and improved financial performance across organisations. Similarly, understanding that data skills are already vital to individual employee success is essential.
This is only set to increase, as many businesses look to improve customer experience by harnessing first-party data. The demand for data skills continues to intensify as new technologies emerge and become standard practice, such as cloud infrastructure services which reduce the cost of storing and managing data.
A digital-savvy workforce is no longer a nice-to-have. In the data revolution, it’s a minimum requirement to compete. Investing in upskilling employees in data skills is the best way to simultaneously enrich your people, prioritise business growth and minimise cyber security risks.
