Many company employees ignore cyber risks reveals survey of 1,500 employees at organisations in 11 countries, conducted by independent research firm Vanson Bourne.

Risky behaviour can leave corporate and personal data open to theft. This data can be used to access corporate accounts or trick others into revealing their credentials. So while IT professionals seek to prevent cyber attacks occurring, their colleagues’ behaviour is jeopardising employers’ cyber security and ultimately their jobs. 

The survey revealed that although 66% of all respondents view using a new application without the IT department’s consent as a serious cyber security risk to the business, 26% admitted doing so. In the UK, 33% of respondents used new applications without IT’s permission, compared with 27% in Germany and just 16% in France. Nearly two out of five employees use social media sites for personal reasons at work – a serious risk to businesses, as cyber criminals hide malware on shortened links and exploit encrypted traffic to deliver payloads.

The dichotomy between the awareness and actions of the employees found in this research should trouble businesses all over the world. The consumerisation of IT and social media carry mixed blessings to enterprises. It is no longer feasible to prevent employees from using them, so businesses need to find ways to support these technology choices while simultaneously mitigating the security risks.