A new survey by Vodafone Business found that more than 10% of companies in the UK would likely go out of business if they were hit by a major cyber incident, such as a ransomware attack, Infosecurity Magazine reports.
Additionally, 71% of business leaders believe at least one of their employees would fall for a convincing phishing attack, and fewer than half (45%) of organizations have ensured that all of their employees have received basic cyber awareness training.
The most common reasons why leaders believe their staff would fall for phishing emails are “a lack of awareness and training; staff being ‘too busy’; and the absence of clear protocols for verifying and flagging suspicious messages.”
Respondents also said their employees reuse their work password for nearly a dozen personal accounts, greatly increasing the risk of phishing and credential-stuffing attacks. If an attacker manages to steal a password for a personal account, then they can test that password against the user’s work account. Multifactor authentication can add a layer of defense against stolen passwords, but MFA can also be bypassed via social engineering.
“The poll paints a troubling picture of inadequate crisis preparedness, poor password practices, and staff susceptibility to phishing scams – all of which leave businesses exposed to cyber-crime,” Vodafone says.
“With nearly two thirds of business leaders (63%) reporting that their organisation’s risk of cyber-attack has risen over the past year, password reuse remains particularly prevalent. Employers estimate that, on average, staff use their work password for up to 11 other personal accounts, including social media and dating sites.”
AI-powered security awareness training can give your organization an essential layer of defense against social engineering attacks. KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.
Infosecurity Magazine has the story.
