21 02 Data security 10 scaled 1A recent UK study found that nearly half of employees (42 percent) cannot spot a scam email. These findings come from the cyber security firm OpenText Solution which surveyed 2,000 employees from small businesses. This research underlines the key issue that is exposing companies to cyber attacks, a lack of cyber security literacy among its employees. Despite the average business being targeted 28 times by cyber threats, most employees weren't even aware that cyber attacks were an everyday threat to companies. 

Over half of the surveyed employees stated that they had heard standard cyber threat terms such as DDOS (distributed denial-of-service) or BEB (business email compromise). With nearly half of large organizations reporting networking downtime lasting longer than one day to phishing attacks, basic cyber threat awareness training is growing in popularity and importance.

Matt Aldridge, principal consultant at OpenText Security Solutions, comments,"Security awareness is critically important for all organizations, as the employee is always the first line of defense in cyber security.

"There's no use investing in sophisticated cyber security software if employees click on dangerous phishing links and grant cyber-criminals access to the business network or to confidential data. It's like turning on a fancy home security alarm but leaving a window open - you'll be left playing catch-up after the bad guys get in.

"To ensure cyber resilience, employees need to be educated on the latest risks as soon as they are discovered - whether that's the Royal Mail scam or the multitude of other threats. Organizations can achieve this by using templated phishing simulations that are reflective of the latest emerging scams.

"These should be implemented alongside strong and robust communication to employees and adequate technical defenses, all of which will help to ensure cyber resilience."