• British companies are failing at the basics of IT security

  • New research reveals that companies investing in the latest cyber security products and services are risking this being undermined by sloppy user practices
  • Almost half of UK workers said they have never changed their password since they started working at their company

UK businesses are risking becoming victim to data breaches by not taking the most basic of cyber security precautions, new research has revealed.

A survey of 1,253 UK workers in full or part-time employment, carried out by technology services provider, Probrand, has revealed that investing in new and expensive technology is worth little if employees are not following basic of security steps, which  is widening companies’ vulnerability, cost and risk of cyber-attacks.

43% of the surveyed workers who all use IT systems in their workplace, said their company has invested in new cyber security products and services during the past year. However the research data shows that it is employees themselves who are undermining systems and policies with sloppy security practices.

Worryingly, 67% of those questioned said they use a very basic password such as a single word or simple consecutive numbers at work, meaning it could easily be guessed or hacked.

A further 63% admit that they do not change their password regularly. And in fact, almost 1 in 2 (46%) say they have never changed their password since they began working at their company.

The data also revealed that more than 1 in 3 (37%)  UK workers report  having used an insecure network connection such as public wi-fi or tethering from another mobile phone when working remotely.

And so it’s hardly surprising that previous Probrand research recently found that 43% of UK businesses have suffered a cyber breach or attack in the last 12 months.

Matt Royle, marketing director at Probrand comments: “When workers are failing to take the most basic steps to protect their company’s network and data, it undermines technology investments designed to lock-down cyber security. Companies need to consider a fine balance of people, process and technology to secure and protect their businesses today and tomorrow."

“Employees are a company’s greatest asset, yet they present the greatest risk when it comes to cyber and data security.  Our findings show a shocking number of UK businesses are struggling with the very basics - only 37% of employees regularly change their password,   Business leaders need to monitor, regulate and instil simple cybersecurity practices. Writing protocols into company handbooks and employee contracts is a start, but continuous training and maintenance of security awareness are critical in what is a fast moving threat landscape.”