Chubb Limited is one of the leading players in the global insurance market. It offers a wide array of insurance products and continues to be a thought leader. Now according to its Third Annual Cyber Report, there should be much concern by businesses over the status of their cybersecurity. It notes that hackers or cyber breaches concern eight in 10 Americans, but this concern is undercut by employee complacency.
The report states that only 41% of Americans use cybersecurity software, and only 31% regularly change their passwords. These statistics are mostly the same as they were in 2018. While it is not an employer’s responsibility to police the security of employee’s digital data, but Chubb is quick to point out that complacency at home can carry over to the workplace.
Businesses need to step up efforts
An estimated 70% to 75% of companies here in the U.S. claim they have good to excellent cybersecurity practices in place. However, only about one-third held employee training on cybersecurity in 2018/2019 or leverage social media blocks. Around 40% deploy filters of online content.
Employees often learn about cybersecurity protection from mainstream media, family or friends. While just over 50% correctly identified ransomware, that leaves the other half to potentially put a business, municipality or employer under attack because the worker did not understand the perils of clicking unsolicited emails or falling prey to other fraudulent ploys. In this day, it can bring an entity of any size to a standstill with every remedy taking time and costing much more than security software and training.
A mix of solutions
Generally speaking, employers need to reengage with employees about the seriousness of this potential threat:
- A fresh round of training is warranted with continued updates annually.
- Chubb recommends an insurance policy that safeguards against cybersecurity risks.
- Talk to the IT department about specific areas of exposure within the organization.
- This also includes simple things like turning off unused computers, backing up computers, removing storage drives before disposing of old equipment, and requiring employees to change their passwords regularly.
Strong security is good business
Employers can work with attorneys to update their employee manuals to strengthen cybersecurity protocols, but it may also be necessary to work with an attorney regarding issues of coverage if a hacker targets the employer.