Microsoft Study Finds - Employees as the weak link in Cybersecurity Ecosystem

Reading time: Reading time 2 minutes

Protection of Internet-connected systems that include hardware, software as well as data, from breaches and cyber attacks is what we term as cybersecurity. And all IT businesses take immense care in avoiding any issue which may put their cybersecurity front at risk. Although, recent research by Microsoft has found that employees are the weak link in cybersecurity due to which organizations are at a major risk of critical data and intellectual property loss. 

Employees Are Still The Weak Link In Cybersecurity

The minor malpractices of employees are proving to be the weak links in the security systems of organizations, further leading to several legal and reputational repercussions. Furthermore, the study has also revealed that the use of personal devices with work-related data by employees and lax practices around passwords along with a lack of security training is amongst major security risks that public and private sector organizations currently face.

Another important observation highlighted by this research was that around 36 percent of the company employees admitted to using a non-work data device such as a USB hard disk to plug into their work device, while almost half of the employees had not received any specialized security training in the past 12 months, all of which making organizations prone to severe data loss and cyber attacks.

It was also found that about one-third of the people working from their home used personal email for the customer or work-related information exchange while 24 percent of them accidentally shared work-related material with friends and family, all of which lead to the violation of GDPR once the employees left the company.

Apart from several security threats that were caught by the companies, phishing, hacking, cyber fraud and other cyber attacks were also reported by 44 percent of the employees. The research further led to the finding that only 16 percent of the employees had updated their passwords in the last 12 months, while 44 percent were recycling the same old passwords, thereby ignoring the basic password rules that ultimately resulted in cyber hacks and data breaches.

Microsoft Ireland Solutions director Des Ryan made a statement that concluded that compromised user identity is a big setback and the majority of security breaches can be traced back from it.

He further added that 22 percent of people were literally found to be writing down their passwords in order to make an attempt towards being serious about their company's cybersecurity. Another stand-out finding by Des Ryan was that USB drives were being used by around 36 percent of people to back up their data which was really scary and could cause massive losses in the long run.

The research was conducted by Amarach on behalf of Microsoft. Around 700 employees that work in large Irish organizations employing more than 100 staff members were questioned across both public and private sectors. The major conclusion that made a strategically important mark was that in order to deal with these events leading to data breaches, a number of proactive as well as adaptive approaches should be used by advisory organizations. This is so because an organization with a strong sense of network security and effective incident response plan can protect its information against data loss, theft, or malicious code.

Majority of cyber attacks can be prevented with the help of informed and well-equipped employees. There are a number of programmes and certifications that can help the employees in gaining the required awareness and expertise in the cybersecurity domain. Applying certain preventive measures may bring long term results and strengthen the organization as well as the workforce.

Published on Mar 8, 2019
Subho Halder
Written by Subho Halder
Subho Halder is the CISO and Co-Founder of Appknox. He started his career researching Mobile Security. Currently, he helps businesses to detect and fix security vulnerabilities. He has also detected critical loopholes in companies like Google, Facebook, Apple, and others


Chat With Us

Using Other Product?

Switch to Appknox

2 Weeks Free Trial!

Get Started Now