As cyber attacks become a more prevalent threat for businesses across the UK, new research from Aviva has found that over half (55%) of UK employees harbour concerns about cybersecurity at work.
This was particularly prevalent among those aged 16 to 24, with 72% expressing worries about their employer’s cybersecurity. In contrast, only 37% of employees aged 55 and over shared similar concerns.
Aviva’s study also identified a gap in employees’ cybersecurity training and awareness, as one in five (20%) reported that they receive cyber awareness training once a year or even less frequently. Despite the lack of regular training, 89% of employees still characterised their company’s cybersecurity level as “strong.”
In fact, when it comes to the specific cybersecurity measures implemented by their employers, the study found that employees’ awareness remains relatively low.
Security measure |
Employee awareness |
---|---|
Password management |
58% |
Malware/virus protection |
55% |
Network security (VPN) |
50% |
Being able to identify and report phishing emails |
48% |
Cybersecurity awareness training |
47% |
The study further revealed that there is room for improvement when it comes to employers addressing cybersecurity concerns.
According to Aviva, 37% of employees believe that their employers could be doing more to ensure the cybersecurity of their systems. This aligns with a recent report by the National Cyber Security Centre, which found that only 37% of UK businesses are insured against cyber risks in some way.
Moreover, over a quarter of employees (25%) claimed to be disengaged or indifferent towards the cybersecurity controls in their business, while only 32% considered the cybersecurity level in their workplace to be “very strong.”
Businesses mirror this lack of confidence, with Aviva’s recent Risk Insight report revealing that only 53% of UK businesses are confident in the effectiveness of their cybersecurity protection.
Commenting on the report’s findings, Aviva head of cyber Stephen Ridley emphasised the importance of employee awareness and engagement when it comes to a business’ cybersecurity measures.
“We know that employees are the first and most important line of defence against cyber security incidents, so awareness of training, confidence and engagement are vital,” he said.
Ridley also stressed the importance of training and allocating resources to enhance cyber preparedness, stating that real-world scenarios showcasing the potential risks associated with cyber incidents can help employees understand their role in protecting the business.
“Aviva’s cyber cover offers access to specialist partners who provide training and solutions to help improve cyber management and implementation strategies,” he added. “Prevention is, after all, better than the cure - and embedding a cyber resilient culture requires board-level commitment along with investment in resources to effectively monitor and evaluate training gaps.”
What are your thoughts on this story? Feel free to share your comments below.