Only one in 10 employees is aware of IT security policies

A new survey from Kaspersky Lab reveals that there is a major disconnect between employees and their employer's IT security guidelines.

In a survey of almost 8,000 full-time employees, 49 percent of those employees surveyed consider protection from cyber threats to be a shared responsibility, but only 12 percent of respondents are fully aware of their organization’s IT security policies and rules.

In addition, a worrying 24 percent of employees believe there are no established policies in their organizations at all. This lack of awareness tends to be a particular problem for SMBs where there is no dedicated IT security function and responsibilities are distributed among IT and non-IT employees.

"The issue of unaware staff can be a major challenge to overcome, especially for smaller businesses where a cyber security culture is still being developed," says Vladimir Zapolyansky, head of SMB business at Kaspersky Lab. "Not only can employees themselves fall victim to cyber threats, but they are also obliged to guard their company from those threats in the first place. In this regard, businesses should be educating staff and introducing easy-to-use -- but still powerful -- security solutions that make managing protection achievable for those who are not experts in IT security."

You can find out more about the threats posed by employees to IT security on the Kaspersky blog.

Image credit: Siphotography/depositphotos.com