One in five UK employees involved in data security breaches at work

One in five employees in the UK have been directly involved in a security breach or loss of sensitive data, according to research from Impero Software – a leading provider of software solutions that help people learn, work and connect safely online.

The research, based on a survey of 2,000 employees about their cybersecurity behaviours and experiences, reveals that more than half (56%) use personal devices to access company data and systems, on average, three times a week. Amongst this group, four in 10 (42%) say their organisation does not enforce a security policy to control how personal devices can interact with sensitive information.

The results also show that 91% of the employees who have been involved in a security incident use personal devices to access sensitive data while at work, with half of this group (51%) doing so without adhering to a robust device security policy.

The average UK worker accesses company and customer data four times a week and employee data two times a week, with a third using between three and five different Internet-connected devices at any one time.

The research also reveals:

  • A quarter (24%) of employees lack confidence in recognising cybersecurity threats while at work, while a similar number (26%) agree that their company could improve the quality of its cybersecurity training.
  • Four in 10 employees would consider leaving their job if their company was involved in a major cybersecurity incident or data breach.
  • Nearly half (47%) said remote working has made them more concerned about the security of their work devices.
  • A quarter (26%) are worried about being involved in a cybersecurity incident or data breach in the future.
  • Only around half (or less) of employees have access to crucial tools such as multi-factor authentication (45%), web filtering (47%), laptop encryption software (50%) and virtual private networks (52%).

“Despite the abundance of Internet-connected devices used by employees in modern businesses, especially in the new hybrid world of work, many feel their employers are not equipping them with the knowledge and tools they need to work securely, particularly when interacting with sensitive data,” said Justin Reilly, CEO, Impero.

“Employees shouldn’t need to be worried or threatened by the prospect of security breaches – their employers should provide the tools and training they need to feel secure. This is especially important at a time when the competition for talent is intense and ‘The Great Resignation’ looms large. A truly secure, connected working environment can only be achieved by harmonising people, processes and technology.”

Full report available for download.