Cost of living crisis raises cyber risk from unhappy staff
A new survey of UK small and medium enterprises shows that 47 percent believe they are at greater risk of a cyberattack since the cost-of-living crisis.
The study from CyberSmart reveals that 38 percent believe this is due to increased malicious insider threats such as disgruntled employees making decisions that are not in the best interest of the company. While 35 percent believe it is due to negligent insider threats such as overworked or distracted employees making mistakes.
It's perhaps not surprising that 24 percent of employers are finding that their staff are overwhelmed or concerned about meeting their financial commitments, while nearly a fifth (18 percent) find they are feeling overworked. Moreover, 16 percent believe their staff are less engaged or productive due to the stress, 14 percent think they are more unhappy and 11 percent have noticed an increased rift between senior leadership and employees.
This leads to a belief that staff will engage in risky activities. 22 percent believe employees will be more likely to make mistakes such as clicking on a phishing link. 20 percent believe employees will steal sensitive or proprietary data from the company to sell for profit or for a competitive advantage. 17 percent believe employees will seek to harm company reputation and 14 percent believe employees will use AI tools like ChatGPT to do their job for them.
"Not all businesses are experiencing a negative company culture as a result of the crisis. In fact, 20 percent believe the cost-of-living crisis has brought the company closer together and 16 percent of employees are becoming more motivated to impress senior leaders. Nevertheless, in times like these, it is crucial that employers are mindful of how their staff are coping," says Jamie Akhtar, CEO and co-founder of CyberSmart. "It only takes one disgruntled or overworked member of staff to make a decision that could put the entire business at risk. This research highlights the importance of conducting regular security awareness training, but also the need to show up for employees with empathy and support."
You can see an overview of the findings in the infographic below.