A startling gap has been revealed in IT security training among SMEs across the UK, with more than half not covering critical cyber risks, despite human error being the leading IT security concern. This information was part of the findings released today.
Sharp Europe, a significant business technology provider for SMEs in Europe, conducted a comprehensive survey, unveiling a worrisome misalignment between IT security concerns and the specific training implemented to tackle prevalent cyber risks.
The survey of 5,770 professionals in charge of IT procurement in SMEs found that the most significant threat to the effectiveness of business IT security is employees’ lack of cyber training, more so than industry-wide attacks or insufficient security measures. A concerning 24% have heightened worries about technology security risks due to the absence of adequate employee training.
However, crucial areas impacted by security breaches, such as Virus attacks (25%), Phishing (31%), Data loss (30%), and Password attacks (24%), are not sufficiently included in the current employee training. Under half of the SMEs provide training on password best practices (46%), downloading files safely (46%), connecting to secure networks (45%), or basic login/logout procedures (44%).
Matt Riley, Director of Security at Sharp UK, emphasises: “IT security is as much a people issue as it is a Technology challenge, our team members are ultimately our last line of defence against threats. It’s crucial to have a culture of security and comprehensive training for all employees.”
He also states, “The rise in sophisticated AI-enabled phishing attacks heightens businesses’ vulnerability. At Sharp UK, we’re using interactive training tools to effectively educate our teams. The lack of up-to-date training in these areas is a major concern and can be costly, reinforcing the need for continuous advancements in IT Security training.”
Despite increased security concerns with the widespread adoption of hybrid working, only 40% of UK firms have enhanced their IT security training since the shift, and just 41% include hybrid working in their training modules.
Nevertheless, 92% of those overseeing IT in UK SMEs confidently believe in their comprehensive IT knowledge. For more insights and advice tailored to SMEs, please visit sharp.co.uk.
