Do I need to train employees on data protection?
Do I need to train employees on data protection?

Business resilience is all the rage and has clearly become more important for companies in all sectors. Business resilience is a term that combines crisis-management and business continuity – it represents the ability of organizations to rapidly adapt and respond to all types of risks, including cyber attacks and data breaches.

This blog will help you understand how staff training will future-proof your company by helping to prevent cyber attacks and data breaches.

Cyber Attacks and Data Breaches

When you think of a data breach, is it hackers and ransom ware that you think of? If you do, you’re not alone. Most people think of a cyber security threat when they think of a data breach. 

However, would you be surprised to find out that most data breaches are caused by human error?  In fact, according to the ICO, in 2020 there were over twice as many non-cyber security incidents than there were cyber incidents – 1857 to 737.

 INCIDENT TYPE NUMBERS
Cyber security incidentsBrute Force       19
 Hardware/software misconfiguration       22
 Malware       41
 Other cyber incident      55
 Phishing      258
 Ransomware     152
 Unauthorised access     190
 Cyber Security Incidents Total      737
 INCIDENT TYPE NUMBERS
Non-cyber security incidentsAlteration of personal data        3
 Data emailed to incorrect recipient        402
 Data of wrong data subject shown in client portal        33
 Data posted or faxed to incorrect recipient        266
 Failure to redact       105
 Failure to use bcc       80
 Incorrect disposal of hardware       4
 Incorrect disposal of paperwork       9
 Loss/theft of device containing personal data       46
 Loss/theft of paperwork or data left in insecure location       141
 Not Provided       91
 Other non-cyber incident       613
 Verbal disclosure of personal data      64
 Non-Cyber Security Incidents Total       1857

(Source: https://ico.org.uk/action-weve-taken/data-security-incident-trends/)

The fact is, data breaches are mostly caused by people, your staff, making mistakes. As you can see from the chart, the most common data breaches were:

1. ‘data emailed to incorrect recipient’

2. ‘data posted or faxed to incorrect recipient’

3. ‘phishing’, which also involves human error.

So now that you know that human error is the major cause of data breaches, the next thing to ask is ‘what can I do to reduce the risk of human error?’  The answer to that is simple… it’s ‘staff training’.

Staff training builds business resilience

Your employees are a critical factor in your organisation’s resilience. They are the front line — they are the ones that can cause data breaches or prevent them.  

Staff training helps reduce the number of data breaches, which in turn, can help prevent loss of trust and reputation; can help protect your customer’s privacy; and improve your brand’s value.

Staff training should include:

Managing online risk
Staff need recognise on-line phishing activity and how to avoid a hacker’s attempts to uncover sensitive information.

Protecting personal data
Staff should know what constitutes personal data and understand their responsibility for that data. They should understand the data protection principles and how these work in practice. Staff should also know what a data breach looks like and how to avoid having one.

Safe device usage
Staff should have strategies and techniques for the safe use of personal mobiles and tablets. They should know about password safety and remote working best practices.

Starters and movers
Make sure that all new starters receive data protection training within the first month of starting.  Have refresher training at least once a year. And don’t forget the movers – provide training that is appropriate to a staff member’s new position.

A data breach exposes the vulnerabilities of an unprepared business.

Don’t let this ‘unprepared business’ be you. Work on your business’s resilience. Have your staff trained in data protection. Protect your reputation and your brand.

We’re here to help, every step of the way.

Don’t wait. Book a free consultation today!

 

Share This

Share this post with your friends!

Share This

Share this post with your friends!