Your staff are your weakest cyber security link and here’s why

Updated: 4th February 2021

You may be surprised to know that it is not necessarily your technology or the systems that you have in place that allow in hackers and data thieves. It is common for members of staff to be the weakest cyber security link.

From losing company laptops and phones, to failing to change passwords at regular intervals, your employees may be to blame if hackers successfully disrupt your business. So what might your employees do to compromise the security of business data?

Using their own devices at work

Connecting to the company’s network using their own devices can infect your system if the device is not secure. It is very difficult to monitor activity in this respect if you do not operate a specific ‘Bring Your Own Device’ (BYOD) policy, or use a Virtual Private Network (VPN) that keeps the employee’s personal data encrypted. 

Password security

Password security is a crucial aspect when keeping your business information safe, but members of staff may be compromising data security in a number of ways. Writing down passwords, using passwords that are not strong enough, and failing to change them regularly, can each significantly compromise your efforts.

When no password security policy is in place, or employees simply do not follow it, the result is a very vulnerable organisation that could suffer a seriously debilitating cyber attack, or loss of customer data that results in significant financial penalties from the regulators.

Failing to update software

A failure by staff to update the software and other applications on their work computers, and to apply security patches, compromises your network and potentially allows hackers and thieves easy access.

Consistently applying good cyber security techniques, which are generally fairly simple and straightforward procedures for your employees to follow, offers your business an increased chance of avoiding a breach or cyber attack.  

Malicious attack by an existing or former employee

A disgruntled employee could exploit known issues in your systems, and damage crucial files or compromise data integrity, particularly if they have high security clearance. It would be relatively easy to harvest sensitive business information and trade secrets, and carry on undetected for some time.

A member of staff who has had their contract terminated also poses a serious threat to your business. In fact any exiting employees could be a potential risk given their knowledge of the company’s systems, so it is crucial to ensure that official access is also terminated when they leave.

Availability of employee information via social media

Employees may access their social media accounts while at work, which introduces a risk for your system if their personal data is targeted. With so much personal information online these days, it would not take long to contact your employee with the intent of stealing company data, or introducing malware onto your systems via a rogue email.

Losing company hardware

For obvious reasons, losing company hardware, whether it is a laptop, tablet or phone, also presents a serious risk to cyber security. Human error is a constant theme running through the threat to your company’s cyber security, and the loss of unencrypted business hardware is one of the biggest issues in this respect.

Social engineering

This type of cyber attack mimics communication from a ‘trusted’ source, or someone the employee knows. It could be an email that appears to originate from a client, for example, or a supplier, but does in fact contain a malicious link that introduces a virus, malware, or perhaps ransomware onto your system. 

If the employee who receives the communication clicks on the malicious link, the virus can spread throughout your network of computers and cause serious disruption to the business as a whole.

Lack of training and general mis-education

It is vital to provide your staff with regular training on current methods of cyber attack and cyber security so they understand how hackers get into the system. This awareness allows them to be more vigilant, and to reduce the likelihood of human error being a factor in such an attack.

Your business is at great risk of incurring vital data loss, or suffering a devastating security breach that compromises your ability to operate effectively. For more information on how to formulate a data security policy that will help to counteract cyber threats, call our expert team at Begbies Traynor.

As the largest UK professional services consultancy we can assess your risk of cyber attack and put forward practical steps to mitigate the threat. We are able to offer you a same-day consultation free-of-charge, and work from over 70 offices around the UK.

Network of Over 100 UK Offices

Find your local Begbies Traynor Group office and speak to an adviser today.

Find your Local Office
0800 063 9221

Call our Confidential Advice Line. Calls to this number are free of charge.

Call us now...
Request a Meeting

We invite you to come and discuss your enquiry with us at your convenience.

Request a meeting...
0800 464 0871

Call our Confidential Advice Line. Calls to this number are free of charge.

Call us now...
Request a Meeting

We invite you to come and discuss your enquiry with us at your convenience.

Request a meeting...
0161 837 1700

Call our Confidential Advice Line. Calls to this number are free of charge.

Call us now...
Request a Meeting

We invite you to come and discuss your enquiry with us at your convenience.

Request a meeting...
Begbies Traynor Group plc, announces that it has completed the acquisition of CVR Global LLP
CVR is a leading independent firm of insolvency practitioners, forensic accountants and experts in other related complementary disciplines.
Read More →
Coronavirus pushes financially distressed companies over the half-million mark
Number of businesses in significant distress stands at 509,000 – the highest number measured by the Red Flag Alert research
Read More →
BTG Advisory accelerates growth with appointment of four new partners to its London office
BTG Advisory, the boutique advisory arm of Begbies Traynor Group announces the appointment of four new partners to its Canary Wharf office
Read More →
Eighty jobs saved with £1m sale of engineering business
South Yorkshire company Newburgh Precision rescued through administration
Sale enables 75-year-old business to continue trading
Read More →
Join thousands of professionals by signing up for our updates
Analysis and Opinion from our Partners
Top Industry News
Register Now →

Advice you can trust

We are accredited by the following industry leading organisations

Insolvency Practitioners Association Institute of Chartered Accountants in England and Wales R3: Association of Business Recovery Professionals ICAEW Business Advice Service Turnaround Management Association ICAS | The Institute of Chartered Accountants of Scotland

Contact the Begbies Traynor Group team

or Find your Nearest Office

Here at Begbies Traynor Group we take your privacy seriously and will only use your personal information to contact you with regards to your enquiry. We will not use your information for marketing purposes. See PRIVACY POLICY


This site uses cookies to monitor site performance and provide a more responsive and personalised experience. You must agree to our use of certain cookies. For more information on how we use and manage cookies please read our PRIVACY POLICY