A new study by ACA Research released by Mimecast shows that 21% of workers experienced a privacy incident last year and reveals that one in five (19%) did not report it to their employer. The proliferation of privacy issues, Mimecast cites, is due to the increased use of communication tools. The data suggests firms need to be tougher to make privacy a priority.

Coinciding with National Privacy Awareness Week (May 3-7), Mimecast released findings of an Australian-based survey by ACA Research, showing 21% of workers surveyed have experienced a privacy incident over the last year.

However, the data reveals that almost one in five (19%) respondents who experienced a privacy incident did not report it to their employer, with 38% of them stating they didn’t think it was that important when asked why.

Privacy incidents include emailing personal or confidential work information to the wrong recipient, falling victim to a malicious email that allowed unauthorised access to work systems or data, and losing devices containing personal information.

According to Garrett O’Hara, Mimecast Principal Technical Consultant, “the data signifies more work is needed to make privacy a priority and better protect company and personal information at a time when cybersecurity issues and malicious activity are more common than ever.”

O’Hara continues: “In 2020, people were adapting to huge changes in work practices due to the pandemic, so it’s not surprising that some basics in cybersecurity and privacy slipped.”

He warns: “Even so, not reporting a privacy issue is inexcusable, especially when you consider the significant security risk from disclosing personal information and professional data. There’s also the potential financial loss to businesses and individuals when privacy incidents go unchecked and remedies aren’t put in place.”

The data also shows that while 74% of Australians say they take privacy seriously and do enough to protect data in their organisation, their behaviour doesn’t always reflect this:
• Almost half (47%) of the respondents are downloading information onto personal devices
• A third of employees don’t always report strange or suspicious looking emails to their employer. This awareness is not consistent across the country: 75% of Queenslanders say they would always report suspicious looking emails and not open them, and in New South Wales/Australian Capital Territory (NSW/ACT) this figure drops to 60%
• 39% of Australian workers are careless when it comes to avoiding public Wi-Fi and only using secure networks for work purposes.

Use of communication tools exploding

The data says “82% of respondents are using collaboration tools like online chat and video and file sharing more than they were 12 months ago, contributing to increased privacy risks for companies and staff.”

This even further increases the need for Australian businesses to prioritise privacy, says O’Hara.

“Email is still an important communication tool for businesses, but many workers now use chat, multiple messaging apps, video and other solutions, so the potential for privacy slip-ups is increasing across multiple platforms”, he explains.

O’Hara believes security awareness training—“and the right kind”—is critical. With a quarter admitting they only receive training once a year, and over a third skipped training, he says “there’s a risk what we call ‘unstructured data’—like that contained in messages from one employee to another—can find itself on the wrong side of a privacy incident.

O’Hara cites the State of Email Security 2021 report, “asserting businesses need a stricter and more relatable approach to privacy training and processes. This report shows 32% of Australian IT leaders feel their employees’ naivete about cybersecurity is their biggest challenge and 68% think it’s either likely or extremely likely their organisation will suffer a negative business impact from an email-borne attack in the next 12 months.”

Industries, businesses, and states most at risk according to the ACA research:
• Mid-sized businesses (100-999 employees) performed the worst, with 28% of employees in mid-sized organisations saying they had been involved in a privacy incident. Still, 14% of respondents working for organisations with 1,000+ employees had been involved in a privacy issue.
• Industries whose workers had the highest rate of privacy issues were manufacturing (52%), followed by education, professional services, and health care and social assistance (all at 15%).
• Even though they trained regularly, 82% of respondents in manufacturing have skipped privacy training, compared with 42% in professional services, 24% in healthcare and social assistance and 23% in finance.
• Over one in three NSW/ACT employees know a colleague that has experienced a privacy incident in the past 12 months. This reduces to around one in five for employees in South Australia and the Northern Territory.

Advice for businesses

Mimecast advises to make training relevant and engaging. The email security company also recommends “a combination of tools.”

With 90% of all cybersecurity incidents being a result of human error, regular, and impactful training is essential. Training should “also be compulsory”, the Mimecast suggests, but if organisations make it interesting people will be less likely to want to skip it.

10% of people didn’t report a privacy incident because “they thought it would jeopardise their job, while 24% felt embarrassed. Fostering a culture of collaboration rather than punishment can encourage employees to speak up and create a more privacy-aware environment.”

Security threats, working conditions, and technology are constantly changing. Organisational approaches to cybersecurity must keep pace. Cybersecurity training models and the technology used to protect against increasingly sophisticated cyberattacks need to be updated for the COVID-19 work environment.

Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.
ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV
iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.
SEE WHAT'S ON ITWIRE TV NOW!

Workers don’t report privacy issues: survey

GRAND OPENING OF THE ITWIRE SHOP

INTRODUCING ITWIRE TV

Kenn Anthony Mendoza

Latest from Kenn Anthony Mendoza

Related items