Cyber security is one of the most challenging issues for business owners, with each data breach costing companies about $3.9m (£3m), according to IBM.
With much of the global workforce now remote, it has never been more important for employees to be cyber aware.
However, two in five (41%) of employees across all UK sectors have not received adequate cyber security training, a survey of 1,324 UK workers by Specops Software found.
What’s more, nearly four in five (79%) UK workers admitted they would not be able to identify if they were hacked.
Those in travel and hospitality are at the highest risk of cyber attacks, over four in five (84%) employees not receiving adequate training against cyber threats.
This is perhaps unsurprising, as it comes shortly after EasyJet was targeted in a serious attack, in which the email addresses and travel details of about nine million customers was breached.
Education and training follows in second place, with seven in 10 (69%) workers claiming they have not been trained sufficiently against cyber threats — a worrying statistic as breaches “compromise student and staff safety”, noted Specops.
In fact, cyber attacks on educational institutions have been increasing annually, as more instances are reported, with attackers motivations including data theft, financial gain, and espionage.
Seperate research by Specops recently found that clickjacking — tricking users into clicking on something other than what they think they are — is the most common form of hacking in education, at 66%.
Meanwhile, phishing — tricking users into revealing personal information through scam emails — was extremely prevalent among other key industries, at 71%.
Other key industries that have not provided sufficient training include marketing, advertising and PR (47%); medical and health (42%); and charity and voluntary work (29%), the survey found.
Understandably, the sectors with far more stringent cyber security training processes include legal services (16%), and recruitment and HR (19%).
However, with working from home becoming “the new norm”, the level of cyber security training has increased slightly since the COVID-19 outbreak, the study found.
Over half of employees have received “a lot more” (21%) or “a little more” training since the UK went into lockdown in March. However, two in five (42%) employees have received no more training since the start of the pandemic.
Overall, less than a third (29%) of business sectors have initiated additional cyber security training, the study found.