Careless Clicks Report: Could Your Team Spot Cyber Threats?

Length: 16 pages | Format: PDF

We all like to think that our teams wouldn’t click on suspicious-looking links or attachments. But the reality doesn’t always meet this expectation. Just one error of judgement can lead to entire IT systems being compromised by malware or ransomware, and high costs linked to operational disruption, damaged reputation and potential fines.

With hackers becoming more sophisticated and pervasive, we wanted to find out whether everyday bad practices are putting firms at risk of a cyber attack.

We surveyed 200 finance professionals in the UK to test their knowledge and awareness, and whether they receive regular training and advice on how to deal with the threat.

Highlights from the report:

85%

say they’re confident they could spot a cyber attack

59%

admit to clicking on a link or opening an attachment that could have been a phishing scam or cyber attack

37%

use weak or easy-to-guess passwords for work systems

42%

don’t receive regular cyber security training

Report Guest Contributors

Dr John Kingston

Senior Lecturer in Cybersecurity

Dr Kingston is a senior lecturer in cybersecurity at Nottingham Trent University, looks at how the rise of AI, including deep fakes, is heightening the cybersecurity risks, and what firms can do to protect themselves.

Katharine Leaman

Leaman Crellin CEO | Skillcast Advisory Board member

Katharine shares her expertise as CEO of Leaman Crellin and Skillcast Advisory Board member. She urges companies to recognise their compliance blindspots – and make training fun.

Scott Morris

StoneTurn Senior Advisor | Skillcast Advisory Board Member

Scott offers his insights as Senior Adviser at StoneTurn and Skillcast Advisory Board member, explores the changing face of cyber crime, and the disruption an attack can cause.

David Kenmir

Skillcast Advisory Board Chair | PwC INED FSA & Risk and Regulatory Partner

David adds his experience as Chair of Skillcast’s Advisory Board and INED (formerly Managing Director at the FSA and Risk, and Regulatory Partner at PwC). He looks at how firms can build a healthy level of scepticism within their teams.

How can compliance training help?

Our survey found that cybersecurity training is patchy among many organisations, despite the well-known risks. But an organisation’s commitment to delivering ongoing and engaging training more often than not reflects its wider culture. Those who empower employees to understand the threat, make good decisions, and flag up any concerns stand a better chance of protecting their systems and data, compared to those who treat training as a tick-box exercise or fail to deliver it regularly (or at all).

So, as you’ll see in our report, training enables firms to embed good practices in their teams and create a healthy culture of compliance, not complacency.

Get your copy