Staff risks survey | Professional Security | #cybersecurity | #cyberattack

Businesses are facing escalating threats due to a lack of risk awareness amongst employees. That is according to a new pan-EMEA study from a data and documents storage company.

About one in three employees (32 per cent) claim to have made a “critical” error at work, and 14pc have taken a risk which cost their organisation money. Despite three quarters of employees believing risk management is vital to protecting sensitive information, near half (49pc) still consider it worth taking risks at work – men more so than women (54pc versus 44pc) according to the survey for Iron Mountain Incorporated.

Sue Trombley, Managing Director of Thought Leadership, Iron Mountain, said: “We all make mistakes, so risk – by definition – is an ever-present factor in business. But today’s increasingly digital age is seeing increasing risks, which means risk management must constantly evolve. With new business models, hybrid working and the growing threat of cyber attack, it’s now more important than ever to manage employees and internal risks effectively to build resilience by design.”

A quarter (25pc) of respondents say they have fallen victim to scams or phishing. Despite this, however, the study suggests that employees are continuing to take security risks:

– 34pc use the same password across multiple platforms
– 27pc forget to lock their laptop when leaving their desk
– 18pc keep their password on a note on their desk

And bearing in mind the trend to work remotely due to the covid pandemic, the risks are magnified by hybrid working, it’s claimed; more than a third (36pc) of employees admit to being less security conscious at home than at the office.


Dr Nilufar Ahmed, a behavioural psychologist at the University of Bristol, said: “We often display an optimism bias when it comes to risk perception where, even when we are aware risks exist – such as knowing we should not use the same password across multiple platforms. We just don’t think anything bad will happen to us personally. We convince ourselves we are safe from risk. This leads to underestimating risk and overestimating the precautions we are taking to protect against risk.”

The findings also raise questions about the impact of current awareness efforts. While a majority, 66pc of data managers surveyed said that risk training sessions are attended by half to all of employees, more than a third (36pc) of workers said they have never received such training.

Sue Trombley added: “An element of risk-taking can enable a business to innovate, but lack of awareness about potential everyday dangers can hinder long-term resilience. We advise empowering every employee to become a risk ambassador by embedding risk awareness within your culture.”

And Dr Nilufar Ahmed added: “Resilient systems can lead to greater resilience in staff which will result in happier and more confident staff and this will translate into greater productivity and profitability.”

About Iron Mountain

The storage and information management services firm recently expanded the scale of its facilities for Sellafield Ltd to support the continued decommission of the Cumbrian nuclear site. There the contractor is scanning and archiving engineering documents, although an image library is also being processed with a collection of analogue video tapes, floppy discs and CDs; and archiving around 100,000 boxes of records, housed at an Iron Mountain facility outside Warrington.

The firm recently acquired a site on Precision Park, Leamington Spa. Visit

Original Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

97 − ninety two =