Businesses are twice as likely to worry about losing private data, than about cybercriminals hacking into their systems, according to a study on 100 US companies by Wells Fargo Insurance.
Some 47 percent of the companies with revenue of at least $100 million expressed concern about private data loss, while only 26% percent mentioned hackers or security breaches. Virus infections, software vulnerabilities and keeping a good company reputation are also among top concerns.
“It’s surprising that businesses are not more concerned with employee misuse of technology — what I like to call the human factor,” said Dena Cusick, national practice leader with Wells Fargo Insurance’s Technology, Privacy and Network Risk National Practice. “Cyber risk management is first and foremost about education. Informing and regularly training employees on security protocols and incident response plans is critical for businesses today.”
In comparison with 2015 research, careless employees are a growing threat. The lack of proper education and training makes them vulnerable to cyberattacks. 15 percent of the companies interviewed don’t train their employees on cybersecurity risks and misuse of data, the study revealed.
“Every organization, regardless of size, needs to make cybersecurity a priority within their business,” added Meredith Schnur, senior vice president of the professional risk practice at Wells Fargo Insurance. “I handle five-to-10 incidents each week from clients who are not well-known brands. No organization is immune.”
Another growing risk is imposter fraud, when a hacker breaches a senior executive’s email and makes fraudulent payment requests. With one in five companies having been victims of imposter fraud, this new phishing scam is a serious threat, warns Wells Fargo.