Almost six in ten (59%) Irish employees are leaving themselves and their employers vulnerable to hackers by using the same passwords across their personal and work online accounts. Of these one in five (18%) admit to always doing so.
And almost one in six (15%) Irish workers have potentially increased cybersecurity risks for their employers by sharing their work login details or passwords with someone outside their organisation – such as a friend, family member or partner.
Cybersecurity trends to watch
This is according to new research from the leading Irish insurance broker, Gallagher and the Centre for Economics and Business Research (CEBR), which surveyed the cybersecurity habits of 500 employees in Irish businesses.
Headline findings from the Gallagher research reveal that:
- Only around one-fifth (18%) of Irish workers say they never use the same or similar passwords for personal and work online accounts. (see Table 1 in Appendix)
- Almost one in four (24%) have forwarded, copied or downloaded company data to a personal device or storage account (see Table 3 in Appendix)
- Around one in six (16%) have worked from abroad without notifying or getting approval from their employer (see Table 4 in Appendix).
Commenting on the date, Michael Cunningham, Head of Financial Lines at Gallagher, said: “Our survey shows that employees are often the weakest link when it comes to cybersecurity in the workplace due to poor habits around, and lax attitude towards, IT security. The use by employees of weak or reused passwords, the sharing of work login details or passwords, and the downloading of company data to a personal device can all substantially increase the risk of cyberattacks to a company.
“While the reuse of passwords might make life more convenient, this is a risky practice. If a worker gets caught out by hackers while using the internet, the reuse of passwords means they may have just handed them the keys to not only their own personal online accounts, but also their employers. As well as ensuring they have cyber insurance should something go wrong, firms need to educate workers and put policies in place to help guide them on what is and isn’t acceptable.
“The finding that one in six Irish employees have worked from abroad without telling their boss is also worrying as doing so could substantially increase cybersecurity risks and expose company data to unregulated Wi-Fi networks and increase the chances of loss or theft of a work device.”
Employee response to potential cyber threats
According to the Gallagher survey, many employees would delay alerting their employer to an incident that could undermine cybersecurity as when asked how they would act if they received a suspicious email or lost a work device, nearly a quarter (24%) said they wouldn’t report it immediately – if they reported it at all.
Commenting on this aspect of the research, Mr Cunningham said: “Unfortunately, the vigilance of the majority could be undermined by the actions of a few – so it’s a concern that almost a quarter of Irish employees would be slow to report such incidents. The rise in recent years of the numbers of people working from home has likely led to increased cyber vulnerabilities for employers, as people may be more inclined to let their guard down on personal and working devices when in the comfort of their home.
“While many employees may simply be unaware of the extent, and potential severity, of cyber risks, the repercussions that cyber-attacks can have on businesses should not be underestimated. Businesses can face substantial hits to their profit, or even bankruptcy, after a cyber-attack. So, it’s incumbent on all employers to make their workers aware of risks facing companies today, and employees also have to play their part.
“A company could invest a lot of money in strong cyber-security and data protection measures, only to have the actions of one employee see the firm subject to a major cyber-attack. Firms should engage the support of a specialist insurance broker who can advise them how to protect against the fall out of cyber issues.”
Top 10 cybersecurity tips for employees
To ensure an employee doesn’t compromise their employer’s IT security, Gallagher is advising workers to take the following steps:
- Regularly change passwords for online accounts. Use strong passwords and don’t reuse passwords across multiple accounts, including across work and personal accounts.
- Make sure adequate security and anti-virus software are on your PC and other devices, such as iPads or smartphones.
- Avoid clicking on links from social media or pop-up ads when on a work device; instead, type the website address directly into your browser.
- Regularly update software on your work and personal computers as updates often include security patches that address vulnerabilities and this in turn could potentially prevent cyber-attacks and data breaches.
- Don’t access sensitive company information when on a public internet network – such as when in coffee shops, airports and hotels. While it might seem convenient, you’re more vulnerable to scams when using a public internet network – and confidential data could fall into the wrong hands if you transfer it over such a network. Be particularly wary of a public network that’s password free.
- Never forward, copy or download company data to a personal device or storage account.
- Never share work login details or passwords with someone outside your organisation, no matter how much you trust them.
- Always notify your employer if you are working abroad and take additional security precautions.
- Set an auto-lock timer for your screen so that it locks when you’re away from it, even if working from home.
- Do not allow family members or friends to use your work laptop or devices.
See more breaking stories here.
More about Irish Tech News
Irish Tech News are Ireland’s No. 1 Online Tech Publication and often Ireland’s No.1 Tech Podcast too.
You can find hundreds of fantastic previous episodes and subscribe using whatever platform you like via our Anchor.fm page here: https://anchor.fm/irish-tech-news
If you’d like to be featured in an upcoming Podcast email us at [email protected] now to discuss.
Irish Tech News have a range of services available to help promote your business. Why not drop us a line at [email protected] now to find out more about how we can help you reach our audience.
You can also find and follow us on Twitter, LinkedIn, Facebook, Instagram, TikTok and Snapchat.
