Many workers don’t care about cybersecurity or ransomware, new report decrees

Two-thirds of UK employees surveyed are putting organisations at risk

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

New research has claimed nearly two-thirds (64%) of UK businesses were infected withransomwarein 2023, while 95% of workers admitted to willingly endangering the integrity of their workplace’s cybersecurity measures despite knowing the risks of attacks.

A report fromProofpointclaims 70% of surveyed employees apparently risk online such as sharing and reusing passwords and clicking phishing links.

Nearly half (48%) admitted to carelessness for convenience, 40% in order to save time, and 22% due to a perceived sense of urgency.

Phishing risks

Phishing risks

Businesses having received 30% more financial penalties from regulatory bodies and a 78% increase in reports of ‘reputational damage’ over the course of the last year.

In its report, Proofpoint noted that it’s now clear that tech literacy, or ignorance, is not the barrier to employees keeping businesses safe online, but the actual employees themselves.

Proofpoint’s Chief Strategy Officer Ryan Kalember acknowledged the challenge of employee apathy. “Individuals play a central role in an organisation’s security posture, with 74% of breaches still centering on the human element,” he claimed.

“While fostering security culture is important, training alone is not a silver bullet. Knowing what to do and doing it are two different things. The challenge is now not just awareness, but behaviour change.”

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Proofpoint notes in its report a disconnect between the attitudes of IT teams and sysadmins versus employees at the coalface. This is nothing new, but 94% of the employees it surveyed did say that they’d pay more mind to their security responsibilities if controls were more intuitive.

As Kalember notes, “Cybercriminals know that humans can be easily exploited, either through negligence, compromised identity or—in some instances—malicious intent.”

More from TechRadar Pro

Luke Hughes holds the role of Staff Writer at TechRadar Pro, producing news, features and deals content across topics ranging from computing to cloud services, cybersecurity, data privacy and business software.

This new malware utilizes a rare programming language to evade traditional detection methods

A new form of macOS malware is being used by devious North Korean hackers

Arcane season 2 confirms the hit series isn’t just one of the best Netflix shows ever made – it’s an animated legend that’ll stand the test of time