Fujitsu study shows corporate security fails to keep pace in the new normal
Conclusions from the study:
- More than a year after the introduction of remote working arrangements, many organisations are yet to review their cybersecurity.
- Companies face increased attack surfaces and widespread employee reluctance to report potential security incidents for fear of recrimination.
- More than half of business leaders agree that security policies have been unable to keep pace with significant changes
- 61 per cent of employees believe their current cybersecurity training is ineffective, with boredom, lack of targeting, and generic content contributing to a lack of cybersecurity ownership.
Sydney, April 19, 2021 - Fujitsu has released a new study that shows organisations may have accidentally created a workplace culture where employees are now more reluctant to report cybersecurity issues for fear of recrimination.
Findings from the Building a Cyber Smart Culture study suggest many employees working remotely feel more isolated than ever and less able to ask a workmate for casual advice around cybersecurity issues. The study showed 48 per cent of non-technical employees were reluctant to report any potential threats for fear of possible recrimination, leaving organisations exposed to cyberattack. The study is based on a survey of 331 senior executives from 14 countries and five broad industry groups: financial services; retail; manufacturing (including automotive); energy (including utilities); and government.1
Key findings of the study included:
- 54 per cent of organisations were unable to ensure that security policies had kept pace with significant changes.
- 45 per cent of respondents believed cybersecurity had nothing to do with them.
- 60 per cent said all employees in their company received the same cybersecurity training, despite significant differences in roles and security issues they face. Of the businesses that provide role-based training, 61 per cent found it ineffective, citing factors such as the training being too boring (35 per cent), too technical (35 per cent), or too long (32 per cent).
- 69 per cent of respondents thought cybersecurity training was most effective when it involved games, rewards, or quizzes to improve security awareness or behaviour.
Martin Holzworth, Head of Portfolio, Cybersecurity, Fujitsu Oceania, said, “For many organisations, cybersecurity was forced into the back seat in the race to enable remote working at the start of the COVID-19 pandemic. In too many cases, these makeshift, temporary arrangements are still in place. This means organisational cyberattack surfaces have increased; however, employees are reluctant to report potential incidents. An integrated approach is needed to implement cultural change that focuses on cybersecurity.
“The most common security breaches occur when employees click on email links or open attachments that deploy malware or collect sensitive information in phishing attacks. Addressing this weakness with the right corporate culture and knowledge sharing is the cheapest and most effective cybersecurity measure that a company can take.
“Organisations need to empower and engage employees on an individual basis to ensure they are aware of potential security risks. They need to introduce a culture where everyone’s job contributes to the company’s overall security posture. However, it must be supported by the CEO and heads of departments. If cybersecurity is not owned at the top, it is not owned by the organisation. Investment in creating the right culture, educating employees, and building trust makes organisations genuinely resilient to modern cyberthreats.”
Fujitsu’s advanced security solutions help businesses and public sector organisations minimise disruption and maintain business continuity by strengthening their security strategy and operations. Fujitsu’s intelligence-led solutions are supported by an integrated and collaborative approach to cybersecurity challenges. This lets Fujitsu’s customers adopt a security model that protects the organisation without hindering business growth.
- 1The global survey was conducted in September 2020 by Longitude / Financial Times on behalf of Fujitsu.
Online resourcesRead the Fujitsu blog: http://blog.au.fujitsu.com
Follow Fujitsu on Twitter: http://www.twitter.com/FujitsuAU
Follow us on LinkedIn: https://www.linkedin.com/company/fujitsu-australia-limited
Find Fujitsu on Facebook: https://www.facebook.com/FujitsuAustraliaNewZealand
For regular news updates, bookmark the Fujitsu newsroom: https://www.fujitsu.com/au/about/resources
Fujitsu is the leading Japanese information and communication technology (ICT) company offering a full range of technology products, solutions and services. Approximately 130,000 Fujitsu people support customers in more than 100 countries. We use our experience and the power of ICT to shape the future of society with our customers. Fujitsu Limited (TSE:6702) reported consolidated revenues of 3.9 trillion yen (US$35 billion) for the fiscal year ended March 31, 2020. For more information, please see www.fujitsu.com.
About Fujitsu Australia and New Zealand
Fujitsu Australia and New Zealand is a leading service provider of business, information technology and communications solutions. We partner with our customers to consult, design, build, operate and support business solutions. From strategic consulting to application and infrastructure solutions and services, Fujitsu Australia and New Zealand have earned a reputation as the single supplier of choice for leading corporate and government organisations. Fujitsu Australia Limited and Fujitsu New Zealand Limited are wholly owned subsidiaries of Fujitsu Limited (TSE: 6702). See www.fujitsu.com/au.
Media ContactsCommunications team
Fujitsu Australia and New Zealand
Phone: +61 2 9776 4555
All company or product names mentioned herein are trademarks or registered trademarks of their respective owners. Information provided in this press release is accurate at time of publication and is subject to change without advance notice.