Employee apathy may not be the first thing people consider while discussing cybersecurity risks, but disengagement could quickly lead to human error. Corporations face heightened vulnerabilities against hackers as is, with billions of dollars lost annually to digital scams. Organizations that want to address these concerns must understand why their employees are apathetic to cybersecurity measures and how to rectify the situation. Here’s how companies can address employee apathy to prevent data breaches and other serious threats. Why Are Employees Apathetic Toward Cybersecurity? According to a recent FBI report, cybercrime victim complaints amounted to over from 2013 to 2019. Often, scammers deceive and manipulate employees to share personal data — including logins and passwords — and transfer unauthorized funds. $26 billion in losses Cybercriminals prey on people's trustworthiness. There are several reasons why scammers have such an easy time bypassing employees and penetrating a company's network, including the following: Employees require a better understanding and awareness of cybercrime. Excessive responsibilities, stress, and disengagement in the workplace lead to mistakes. Companies lack stringent remote work cybersecurity measures. Employees are afraid to report incidents due to fear of being shamed or penalized. Reporting methods are too complicated or time-consuming. People feel disassociated from their workplace or disgruntled. It is not uncommon for employees to fall for phishing scams at work. However, while bosses would like to believe their workers are all simply prone to human error, this is not always the case. An alarming would sell their credentials for only $150. 27% of employees from large corporations Addressing employee apathy toward cybersecurity is crucial to protect business assets. Those who overlook this essential security threat risk jeopardizing their employees and customers and ruining their reputations. 5 Tips to Overcoming Employee Apathy for Enhanced Cybersecurity When workers lack motivation or interest in following cybersecurity practices, companies are more prone to ransomware and malware attacks, serious data breaches, and other violations. As such, addressing employee apathy must be a top priority. These five tips can help businesses build a more cyber-secure workplace. 1. Deliver Cybersecurity Training Security training makes a difference in preventing corporate-targeted hacker attacks. However, many employees are uninterested in educational modules. Employers should issue tailored programs based on each person's position and department to counter this. For instance, remote workers might require different training than in-person staff, such as modules honing in on vulnerable and unsecured networks. Likewise, the accounting and financial departments may benefit from security education focused on wire transfer fraud. Training initiatives will teach employees to and suspicious domains in phishing emails. Grammar mistakes, generic salutations, and a sense of urgency are other indications an email request is not legitimate. look for misspelled words According to the cybersecurity resource platform SANS, people trigger by clicking on email scams, using weak or compromised passwords, or mistakenly publicizing sensitive information. over 80% of cyberattacks 2. Avoid Shaming and Punishing All cybersecurity threats are serious, but if organizations instill fear of shame and punishment in their employees, people will be less apt to report potential attacks. Several companies have also issued fake phishing tests to catch employees falling for scams. However, these tactics have done nothing but anger and disengage workers further. For instance, U.K.-based train operator West Midland Trains sent employees a test phishing for their hard work during the pandemic. However, employees who clicked the link received another message saying they'd fallen for the scam. email about receiving a bonus Although West Midland Trains is not the first company to do this sort of phishing test, people called its actions a "reprehensible" and "cynical" trick. Instead, businesses should use positive incentives to build trust and ensure worker collaboration in cybersecurity measures. Offer employees a reward for reporting threats and avoid punishment when something does occur. 3. Create a Simple Reporting Protocol Another reason for employee apathy regarding cybersecurity risks is an overly complicated reporting protocol. Companies must create a straightforward reporting process for employees to flag threats easily. Who must they report to? What are the steps for documenting a potential issue? A reporting protocol could entail sending an email or filling out a contact form for the IT department. Employees might also be given a name and phone number to call when they stumble upon something suspicious. The best approach to developing a robust reporting protocol is to automate the process wherever possible. Of course, ease of reporting is equally important. Employees want a simple tool to avoid wasting too much time or risk retaliation. 4. Recognize Unhappy Employees Careless and disengaged employees aren't the only cause of data breaches. Companies must weed out upset workers to prevent them from handing over sensitive data intentionally. Organizations have the difficult task of navigating a — accidental and malicious — to prevent cybersecurity damage. Disgruntled employees may seek ways to get back at their employees by behaving criminally. 50% increase in insider threats The real question is whether apathy could result in an angry employee. The workforce has turned volatile and uncertain in the post-pandemic world. With so many changes on the horizon — particularly return-to-office mandates — it is possible for people to feel resentful toward their employers. 5. Seek Employee Feedback One of the primary causes of workers’ apathy is the belief their employer doesn't care about their opinion. According to research and consulting firm Gartner, to value them and their work. However, only 45% believe their companies do. 82% of employees want their company Negate employee apathy by engaging them in cybersecurity measures. Seek prompt feedback from workers, including their preferred reporting process and training. This will prove invaluable for companies to address cybersecurity threats as a cohesive team. If leadership understands where the knowledge gaps are and what it will take to get employees on board, they can tailor their initiatives to meet demands. Cybersecurity Is a Companywide Effort Collaboration between leadership and workers is necessary to protect companies against cybercriminals. Hyper-vigilant workers on the lookout for suspicious threats and breaches help companies protect sensitive data and assets from malicious players. Addressing employee apathy is a crucial first step toward achieving a secure digital landscape.

The is an opinion piece based on the author’s POV and does not necessarily reflect the views of HackerNoon.

2022 - HackerNoon Contributor of the Year - Cyber Threats

2022 - HackerNoon Contributor of the Year - Data Security

2022 - HackerNoon Contributor of the Year - Hacking

2022 - HackerNoon Contributor of the Year - Media

Nominated for 2022 - HackerNoon Contributor of the Year - Data Security

Nominated for 2022 - HackerNoon Contributor of the Year - Cyber Threats

Nominated for 2022 - HackerNoon Contributor of the Year - Media

Nominated for 2022 - HackerNoon Contributor of the Year - Hacking

Too Long; Didn't Read

Questions about cloud security? Get answers here.

One of the Top Cybersecurity Risks in Your Business Is Employee Apathy

Too Long; Didn't Read

Zac Amos

STORY’S CREDIBILITY

Opinion piece / Thought Leadership

About Author

TOPICS

THIS ARTICLE WAS FEATURED IN...

One of the Top Cybersecurity Risks in Your Business Is Employee Apathy

Too Long; Didn't Read

Zac Amos

STORY’S CREDIBILITY

Opinion piece / Thought Leadership

About Author

TOPICS

THIS ARTICLE WAS FEATURED IN...

RELATED STORIES