UK industries are least trained in cyber security

Recent reports suggest that approximately 2.39 million instances of cyber crime occurred over the past year. With staff training in cyber security being an essential part of employee onboarding, sufficient training is crucial if businesses wish to protect themselves against cyber attacks.

Recent reports suggest that approximately 2.39 million instances of cyber crime occurred over the past year. With staff training in cyber security being an essential part of employee onboarding, sufficient training is crucial if businesses wish to protect themselves against cyber attacks.

With this in mind, I2,200 respondents from 16 different industries were surveyed* to discover if businesses are carrying out sufficient cyber security training for employees.

Key findings:

  • 96% of the Utilities sector provide cyber security training for employees.
  • 3% of the Accommodation and Food sector actively train employees in cyber security.
  • 42% of overall survey respondents don’t actively train employees in cyber security.

The 10 sectors training employees in cyber security the LEAST:

Rank Sector Percentage of respondents that actively

train employees in cyber security

1 Accommodation and Food 3%
2 Transport 11%
3 Education 17%
4 Retail and Wholesale 22%
5 IT and Communications 65%
6 Arts, Entertainment and Recreation 68%
7 Professional and Technical 71%
8 Public Sector and Defence 72%
9 Financial Services 73%
10 Admin and Support 74%

Accommodation and Food is the sector that actively trains employees in cyber security the least, with only 3% of respondents revealing that they do so.

Accommodation and Food businesses report that the most common form of cyber attack was through email hacking, with 64% of respondents within this sector experiencing this. Responses from the survey suggest that not only does cyber security training need to be increased, with a focus on email hacking and phishing attacks.

The Transport sector ranks second, with just 11% of respondents revealing that they actively train employees in cyber security. With only 11% of businesses within this sector actively training employees in cyber security, almost four times the amount (41%) said they have experienced a cyber attack via email hacking

The Education sector ranks third, with just 17% of respondents revealing that they actively train employees in cyber security.

It is evident that cyber security training within the Education sector needs to be increased and improved, as 78% of respondents reported that they have experienced a cyber attack, with 76% of respondents reporting email hacking as the method used. 

A lack of training in cyber security could result in a failure to uphold an Educational institute’s reputation. This could result in serious cyber attacks, which may breach the data of those involved in the educational institution.

The top 5 sectors training employees in cyber security the MOST:

Rank Sector Percentage that actively

train employees in cyber security

1 Utilities 96%
2 Real Estate Activities 94%
3 Manufacturing 92%
4 Construction 91%
5 Health and Social Care 90%

Venky Sundar, Founder and President of Indusface commented on the importance of cyber security investment and training among all business sectors:

The cyber security of any business, whether an SME or a larger corporation, is vital to its integrity. With technology and the internet being an integral, useful part of how many businesses operate, it is important that every company understands the risks of it being inadequately protected. If cyber attacks occur, a business can suffer from lost business data, a degraded reputation, and potentially a large financial cost.

“While we found that email hacking is the most prevalent, the way it is carried out is very versatile. Phishing is a much talked about threat, however, bot attacks such as account-takeover and credential stuffing could also be used to hack emails and get access to email accounts. The other method is when hackers exploit an SQL injection vulnerability on a table and extract all credentials through the vulnerability. In addition to training all employees on how to evade phishing attacks, organisations will also find it worthwhile to run regular security assessments and implement a WAAP solution to filter out malicious attacks right at the perimeter before the attacks hit the application servers.

Finally, it is important to build defences in depth. All systems are to be designed while assuming that they don’t get compromised even in case an email is hacked. This problem is especially bad in the SME space as security software needs to be constantly updated and the acute shortage of talent and resources mean that SMEs run outdated security software products.” 

Indusface survey results and data here

www.indusface.com

    Read more

    Latest News

    Read More

    How HR can fix the credibility deficit

    22 November 2024

    Newsletter

    Receive the latest HR news and strategic content

    Please note, as per the GDPR Legislation, we need to ensure you are ‘Opted In’ to receive updates from ‘theHRDIRECTOR’. We will NEVER sell, rent, share or give away your data to third parties. We only use it to send information about our products and updates within the HR space To see our Privacy Policy – click here

    Latest HR Jobs

    University of Oxford – Nuffield Department of MedicineSalary: £27,838 to £31,459 per annum (pro rata). This is inclusive of a pensionable Oxford University Weighting of

    JOB TITLE: Hotel Manager – FTC 12 months – January 2025 start LOCATION; North West England SALARY: Around £45,000 per year plus performance-based bonus, rewards,

    We are seeking a dynamic and driven Human Resources Officer to become a key player in The Welbeck Team In this exciting role, you’ll invent

    Read the latest digital issue of theHRDIRECTOR for FREE

    Read the latest digital issue of theHRDIRECTOR for FREE