Who is to blame?

Companies that are victims of cyberattacks admit that employees are the largest source of cyber threats (53%), either because they are motivated by malicious intent (31%) or they unintentionally trigger an attack by clicking, for example, on a fraudulent link (22%).

This prompts most organizations (76%) to take the time to review their security practices, whether it’s by providing training to employees (32%), developing a telecommuting policy (31%) or investing in software (29%).

Companies are also forecasting less technology investment in the next two years (80%) compared to 2020 (88%). Investment plans in advanced data analytics and artificial intelligence are also declining, falling to 18% in 2021 from 29% in 2020.

Tips to improve

Michael Howard, head of security and analytics practice at HP provided his top five tips on cyber security. These include, number one, assessing your environment, which is critically important. With people working from home, employers should do security assessments, making sure to assess each and every endpoint, Howard says.

Secondly, employers should work with vendors who provide tools that “start extending that capability and bringing that monitoring and management back into view,” says Howard. The third point is based around education. Every organization should be educating every employee, not with a carrot-and-a-stick approach but by rewarding them for good behaviour and educating over bad behaviour.