Recent insights reveal that more than half of SMEs in the UK are not addressing significant cyber risks in their IT security training, even though human error tops the list of IT security worries. This comes from new data released today.
A pan-European survey by Sharp Europe, a major supplier of business technology solutions to European SMEs, highlights a disturbing disconnect between IT security apprehensions and the corresponding training in place for common cyber risks.
The research, involving 5,770 IT purchasing professionals in SMEs, indicates that the absence of comprehensive cyber training for employees is viewed as the most significant threat to the efficacy of their businesses’ IT security, surpassing concerns about large-scale industry attacks or lack of proper protection. Alarmingly, 24% are now more anxious about technology security risks due to the deficit in employee training.
Despite the importance of training in addressing human error, vital topics such as Virus attacks (25%), Phishing (31%), Data loss (30%), and Password attacks (24%) are overlooked in many training programs. Only a minority of SMEs cover critical aspects like password security (46%), safe file downloading (46%), secure network usage (45%), or even basic login/logout protocols (44%).
Matt Riley, Director of Security at Sharp UK, notes: “IT security is as much a people issue as it is a Technology challenge, our team members are ultimately our last line of defence against threats. Creating a security culture and robust training that covers all employees is essential.”
He further comments, “With AI-enabled phishing attacks becoming more sophisticated, the vulnerability of businesses increases. At Sharp UK, we’re adopting new, engaging training tools. Neglecting updated training in key areas can lead to significant business costs, highlighting the need for ongoing investment in IT Security training.”
Despite the general rise in security concerns with the shift to hybrid working, a mere 40% of UK businesses have updated their IT security training post this transition, and only 41% include hybrid working scenarios in their training.
Nonetheless, 92% of IT responsible individuals in UK SMEs are confident in their IT knowledge. Visit sharp.co.uk for more information and advice for SMEs.
