Training, early detection and verification are essential to increasing trust in employees
ObserveIT, the leading insider threat management platform with more than 1,900 customers around the world, announced findings from a global survey of 600 IT leaders across various industries, which revealed that organizations want to trust their employees when it comes to cybersecurity, but to do so, they need to better leverage technology. The research also found that employers should develop clear cybersecurity protocols and invest more in employee training programs and monitoring tools to verify safe user activity.
“The workforce is changing rapidly as remote work becomes commonplace and more companies rely on freelancers and contractors to support daily activities”
Since 2016, the average number of incidents involving employee or contractor negligence has increased by 26 percent, and by 53 percent for criminal and malicious insiders (Ponemon). While employees are an organization’s biggest asset – whether they are full-time, freelancers or contractors – they can also be a prime channel for information loss via negligent or malicious actions. As such, companies need to prioritize effective training programs across their employee base, leverage precise monitoring tools to verify safe user activity and ensure that clear protocols are in place for onboarding and offboarding employees to prevent data loss.
HR Technology News: Pipeline Talent Solutions Partners with Recruiter.com
Key findings from the survey include:
- Technology can enhance trust between employers and employees: According to the survey, on average, 46 percent of respondents agree that their organization doesn’t have confidence in its workforce when it comes to keeping valuable data and assets safe. This lack of trust is even higher in the public sector (53 percent), IT and technology services (52 percent) and manufacturing (51 percent). With an evolving risk environment and employee trust being highly important, 92 percent of respondents agree that investment in new technologies to monitor insider threats and verify user activity will be crucial for keeping information secure over the next 18 months.
- Training, policies and technology should be prioritized: Organizations also have an opportunity to build trust via training and policies. The survey found that 43 percent of organizations don’t have a policy that prohibits staff from taking IP/data with them when leaving the organization. Further, 67 percent of respondents say remote work is allowed in their organization, and 42 percent report contractors/freelancers use personal devices for work activity. With an evolving work environment and more devices being used to access company information, organizations need to establish clear protocols for all users handling data and IP regardless of location, device or employment status.
- Employers should make employees aware of the ramifications of data leakage: Most employees aren’t aware of the repercussions that follow leaking information either accidentally or maliciously. Almost 60 percent of organizations don’t explain the contractual penalties for putting their organizations at risk and only 36 percent of IT leaders feel that cybersecurity is extremely important to their organizations’ general employees. As such, employers need to ensure consequences of negligent or malicious leakage are well-defined and communicated to employees.
“The workforce is changing rapidly as remote work becomes commonplace and more companies rely on freelancers and contractors to support daily activities,” said Mike McKee, CEO of ObserveIT. “Trusting employees to keep valuable information safe should start at the top with effective training, clear guidelines and verification via technology for all users.”
ObserveIT commissioned Vanson Bourne to conduct 600 interviews with senior IT decision makers on the topic of trust within the workplace. Respondents were from organizations in the private and public sector with 2,500 or more employees, across the U.S., EMEA and APAC.