The research findings indicate that companies focused more on external threats, such as cybercriminals and hackers without adequate attention on the threat from within the business.
Reacting to the report, Business Development Manager, Cisco South Africa, Kian Ellens, said the study confirmed the complex challenges facing businesses when it concerned IT security.
Ellens said that the results showed that most employees recognised that the threat from cybercriminals was real and worthy of continuous defence but stated it showed that employee complacency about IT security was increasing the risks for South African businesses.
He said: “An employee one blindly trusts is one amongst several ‘weak links’ in the security chain. These expose an organisation to greater risks by providing enterprising hackers with multiple doorways that can be unlocked and potentially lead to sensitive data.
“The results also indicate that the IT security strategies in place at the moment do not correlate with the way people prefer to work today. Employees are telling us existing security policies need to change in order for businesses to maintain a culture of innovation and collaboration, whilst keeping the corporate network, devices and the cloud safe from external attacks,” he said.
According to the wide-ranging security study, the biggest internal threat stemmed from a sense of complacency with employees (44 per cent) assuming that the company would protect them online.
Also, the consulting systems engineer security solutions firm, Cisco South Africa, Greg Griessel, said, “while better communication and education will help, it won’t solve the culture of complacency uncovered by this study. IT leaders will be compelled to establish more user-friendly security policies that accommodate user behaviours in order to lower the risk of a breach across the entire organisation.”
He added: “If employees continue to believe that IT security is making their job more difficult or remain unaware of the dangers their behaviour can place on the organisation, businesses will continue to play a game of Russian roulette with their IT security, which could lead to a very costly security breach.”
