Corporate giants have caught on to the importance of cyber-security training but their smaller counterparts are still lagging, says one expert.
Large corporations have caught on to the importance of cyber-security training but their smaller counterparts aren’t doing so well – that’s the warning from one industry expert who says a lack of education is putting Kiwi businesses at risk.
“When it comes to acknowledging the need for training in relation to cyber security, the larger corporates are doing well and appear to be taking a more proactive approach,” says Peter Bailey, GM of Aura Information Security. “It’s the medium-sized businesses that are lagging somewhat.”
While technology and IT systems play a pivotal role in cyber security, Wellington-based Bailey says they simply won’t cut it unless employees are up-to-date too.
“Cyber attackers thrive in finding gaps in a company’s armour – whether that armour be made up of people or technology,” says Bailey. “It’s no longer enough for businesses to put technology and security systems in place, they also need the right policies and training.”
A recent survey of New Zealand IT leaders found that just 58 per cent of medium-sized businesses (those with 60-99 employees) felt confident they could successfully educate their staff on how to make informed cyber security decisions.
The figure is in comparison to 82 per cent of large organisations (those with more than 100 employees) that said the same.
Conducted by Perceptive Research and Kordia in March of this year, the survey also found that seven in 10 respondents overall stated that their company currently has policies or training in place relating to online security, but the number dropped to 58 per cent for medium-sized businesses.
“The key point to note here is that in order for cyber security to become a part of the culture of an organisation, staff need to be involved – not just those in the IT department or senior management, everyone has a part to play,” says Bailey.