When an employee doesn’t care about cyber security
It doesn’t matter how thorough a business’ protective measures are, employees remain one of the biggest risks to an organisation’s digital security.
In some cases, it is not that employees don’t care about digital security, but that they don’t fully understand it.
An experiment in London’s financial district proved just how much of a risk employees can be to their organisations. CDs were handed out to commuters by employees of an IT skills company and told the disk contained a special Valentines’ Day promotion. In reality, the CDs contained code which notified the IT company how many of the recipients tried to open the CD. Despite clear warnings on the packaging about the dangers of installing third-party software and acting in breach of company acceptable-use policies, several city workers proceeded to run the disk. A major retail bank and two global insurers were among the organisations whose employees fell for the stunt.