Research released today by Websense, Inc. highlights that complacency is rife amongst UK employees toward e-mail security, with nearly one third (31%) of respondents stating they were satisfied with their company not fully protecting e-mail as they didnít feel they would be targeted by cybercriminals. The survey also reveals that 35% of respondents said a hackerís gaining access to their computer through an e-mail borne attack would not happen to them, while 72% had a blas attitude to e-mail spam saying receiving e-mails from a sender they did not recognise was an annoyance rather than a potential security threat.
Are you involved in recruiting or HR? If yes, you should think about attending the Onrec.com Online Recruitment Conference & Exhibition - Topics and Speakers listed here. Complete this enquiry form and a member of the Onrec.com team will be in touch.
The ìWebsense E-mail Securityî survey of more than 100 respondents also reveals that UK employees are exposing their company and personal data to potential e-mail borne security threats in the way they deal with spam, including:
40% of respondents open the preview screen to check spam e-mails
33% open an e-mail from an unknown sender before deciding how to handle it
22% open spam e-mails and admit to sometimes clicking on the embedded Web links enclosed in these
While losing company confidential information was more of a concern than the risk of a hacking incident, 40% of respondents still thought this was not a risk to them.
Other key survey findings:
Companies leaving staff in the dark: More than half (56%) of respondents said they were left guessing about whether their e-mail was protected or not, with companies failing to send out any communication about the level of e-mail security protection provided.
Personal Webmail evades protection: When accessing their personal e-mail account at work, 42% of respondents know they are not protected from security attacks launched through personal Webmail.
Gaps left in e-mail security: The survey highlights potential gaps in the e-mail security provided to employees, with 23% of respondents not protected against malicious code contained within e-mail attachments. The survey reveals a number of grey areas where respondents did not know whether they were protected or not:
18% didnít know whether they were protected against malicious phishing e-mails
21% didnít know their level of protection against other inappropriate or malicious e-mails
Just over one quarter (26%) said they were either not protected or did not know whether they were protected against harmless but unwanted spam.
Responsibility rests with companies: 67% of respondents thought that responsibility for e-mail security should rest with the IT department and 15% considered they should take personal responsibility. Only 8% called for a law to be put in place ensuring protection against e-mail threats at work.
Lack of trust in e-mail to send sensitive data: The majority of respondents (62%) said they would not choose to send a sensitive or confidential document via e-mail, indicating an apparent lack of trust in e-mail as a secure means of communication. Instead, preferred methods of sending sensitive data include:
22% would print the document in send it by registered or special delivery
15% would opt to send a document using a courier
5% would even choose to send a confidential document using the regular post rather then send electronically.
ìTodayís security attacks are becoming more targeted and stealthy, with cybercriminals using multiple channels and attack methods to weave their way into an organisation to steal corporate and personal data,î said Ross Paul, director of product management, Websense. ìThis research indicates a knowledge shortfall about e-mail security amongst UK employees. With e-mail threats so sophisticated, organisations that have not taken responsibility for security away from their employees are leaving their company data exposed and employee personal data at risk. Businesses need to ensure they have real-time Web and e-mail security in place combined with robust business processes and proactive staff education, to protect their confidential information and safeguard their employees.î
Survey: Employees in State of Denial About E-mail Security Threats
More than 70% of respondents donít recognise spam as a security threat, merely an annoyance
