Interviews

Cyber workplace study

by Mark Rowe

Britain is a sitting duck for cybercrime because employees couldn’t care less about the security of their workplace systems. So suggests a tokenless authentication product company, Swivel Secure.

Its study suggests that almost a fifth (19 per cent) of employees care so little about online security that they reuse the same username and password (UNP) across every single online business and personal application which, for the majority of today’s consumers, amounts to upwards of 25 sites. Constant reuse of the same UNP greatly increases the chances of a fraudster, data thief, saboteur, friend or fellow employee obtaining and exploiting these details for criminal gain.

Contrary to popular belief, awareness of the dangers of cybercrime amongst workers doesn’t seem to be the problem; over half (55pc) of the 1,200 UK employees surveyed claim to actively track online security threats such as viruses, trojans and hackers. The real peril lies in what seems to be a widely held concensus amongst workers that cybercrime is ‘something that happens to other businesses’. Despite this disparity between awareness and action, more than three quarters of all respondents (77pc) remained completely unconcerned about workplace security, suggesting that only a direct and personal experience of cybercrime will trigger a change in attitude. Even those that are security conscious are failing to uphold basic rules; three quarters (75pc) either write down or have another offline system for recording their passwords.

Chris Russell, VP Engineering at Swivel Secure says: “This has been going on for long enough. The cloud’s over reliance on the username and password format has caused workers to resign themselves to the risks, and made the UK economy a sitting duck for corporate cybercrime. The inconvenient truth is that workers are neither capable nor are they willing to maintain the complex, rolling system of passwords that today’s web environment demands.

“Analysts tell us that global spending on cyber security will exceed $68bln this year, but it is nonsensical for a business to invest heavily in firewalls, encryption and all manner of other protective technologies if its workers are effectively lowering the drawbridge to anyone that can guess their Facebook password. As our personal and professional worlds continue to collide online, businesses that are serious about protecting their data need to rethink their approach to user authentication and drop usernames and passwords for good.”

Additional research announced earlier this year from Swivel Secure (UK Bosses Slacking on Hacking, Jan 2013 ) suggested that the UK’s ‘corporate culture of complacency’ start at the top and trickles down to influence the attitudes and behaviours of employees. “Action on this issue has to come from the top,” adds Russell. “The business owners and decision makers must accept that UNPs are an outdated and unworkable form of authentication for today’s online workforce. If they wait for the web to evolve around them, it will be too late. They need to take steps now to protect their data.”

Related News

  • Interviews

    Outages reveal benefits

    by msecadm4921

    According to an employee security awareness consultancy, social media channels such as Twitter played a vital role in keeping customers informed during…

  • Interviews

    At Lord’s

    by Mark Rowe

    Lord’s cricket ground is the venue, and the subject, for Richard Hester, a former Met Police man now in private security for…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing