The majority (52%) of employees value their personal data more highly than corporate information, according to new research from Fujitsu.
The report also found that a worryingly large 43% of staff members simply don’t understand the value of business data.
Although a majority (58%) said they understand the risk of identity theft, just 13% said they knew what security measures their employer has in place and 23% said both they and their organization could do more to improve security.
The link between personal and corporate security is more important than it sounds because cyber-criminals are increasingly looking to gather information on specific staff members via their private social media accounts.
This can then be used to launch more effective follow-up attacks, such as spear-phishing scams, designed to infiltrate corporate systems.
Rob Lay, Fujitsu UK&I enterprise and cybersecurity solutions architect argued that the challenge for organizations is to produce a “sense of responsibility” among staff regarding both types of data.
“If businesses can build a link between the general concepts of better security – such as not clicking on potentially unknown links or opening unknown attachments – then this will benefit employees at home, in addition to helping improve the protection of corporate data,” he told Infosecurity.
Lay added that firms must battle a perception problem among staff.
“In general employees are relatively good at protecting physical corporate assets such as laptops, however businesses need to develop the same sense of importance around data assets among employees,” he said.
“This can be helped by awareness training, but needs to be done as part of a broader engagement program as annual, or bi-annual awareness sessions don’t develop the level of engagement needed to make significant improvements in this area.”
One way to help raise awareness about the importance of corporate data security is to better articulate the “knock-on importance” to business performance and growth, Lay explained.