- Employee error seen as bigger risk than industry attacks and lack of security cover
- Major security weaknesses such as password hygiene and downloading files not covered in significant percentage of training provided
- No increase or change in training despite mass move to hybrid model
Despite human error being the biggest IT security concern for nearly four in ten (37%) SMEs across Europe, IT training is missing some of the most common cyber-weak areas, according to new insights released today.
The pan-European survey from Sharp Europe, a major provider of business technology products and services to SMEs across Europe, reveals a worrying disconnect between levels of IT security concern and the specific training businesses have in place to address the most common cyber risks.
The research of 5,770 professionals responsible for purchasing IT in their SME reveals that, employees not following or even having any cyber training is seen as the biggest risk overall to the effectiveness of their businesses’ IT security; more so than large scale industry attacks or concerns around not having the right protection in place. In fact, a third (28%) are now more concerned than previously about technology security risks because of the lack of training for employees.
Despite the importance of training, and the concerns around human error, the research reveals that areas that would address threats such as Virus attacks, Phishing, Data loss and Password attacks (all of which have impacted up to a third of European SMEs ) are simply not covered by a significant proportion of the training provided. Only around four in ten security training programmes cover passwords, downloading files, secure handling of data, connecting to a secure network, or even the basics around logging on and off.
Colin Blumenthal, Vice President, IT Services at Sharp Europe, comments:
“IT security is as much a people issue as it is a Technology challenge. Businesses and organisations of course need to have all the right technology in place, such as Firewalls and Antivirus software, but they also need to create an online security culture that covers all employees, not just the IT team and senior management."
“Failing to have continuous refreshed cyber training in place for dealing with everyday issues like changing passwords, spotting phishing emails and downloading files is a real concern. The recent surge in AI-enabled phishing attacks is rising to new levels of sophistication, meaning more businesses are more vulnerable than ever to attack. To combat this they need to educate their staff to be more vigilant and how to manage these evolving threats. Ultimately, these training ‘black spots’ could cost businesses significantly.”
Even with the general rise in security concerns following a mass move to hybrid working, only 41% of firms across Europe have increased IT security training since moving to a hybrid model and only 36% of European small businesses cover hybrid working in their training programmes.
The research also revealed that only 30% of those responsible for IT in European SMEs are very confident that they have adequate knowledge of IT.
For more insights and advice on security preparedness for SMEs, please visit our Real World Security Hub.
The research was conducted by Censuswide in Q1 2023 and responded to by 5,770 IT decision makers and people responsible for purchasing IT within SMEs, from 11 countries including Austria, Belgium, France, Germany, Italy, the Netherlands, Poland, Spain, Sweden, Switzerland, and the UK.
About Sharp Europe
Sharp Europe enables small to large enterprises and organisations to enhance performance and adapt for their workplaces of the future through a range of business technology products and services.
Headquartered in London, Sharp Europe serves customers in the private and public sectors, Education and Government, a portfolio ranging from printers and advanced flat screen technologies, collaboration platforms, through to IT services.
As part of Sharp Corporation, and with the backing of Foxconn, Sharp Europe is investing and leading the industry in new areas of technology that have the potential to change the world. It developed the world’s first commercially available 8K monitor and in 2019 launched the world’s first certified Windows collaboration display.