Your co-workers have probably been involved in a data breach

(Image credit: ESB Professional / Shutterstock)

Businesses are being left open to cyberattacks as a result of employees failing to take proper precautions, a new report has warned.

Data from Impero found one in five employees in the UK have been directly involved in a security breach or loss of sensitive data, showing the sheer scale of risk for companies of all sizes.

The report also found that more than half (56%) use personal devices to access company data and systems - on average, three times a week - opening the door to threat actors.

Data breach risk

Worryingly, nearly half (42%) of those workers using personal devices to access workplace data claimed their employer had no security policies controlling how these items devices can interact with sensitive information.

This could be an incredibly dangerous move, as 91% of the employees who had been involved in a security incident said that they used personal devices to access sensitive data while at work, with half of that group (51%) doing so without adhering to a robust device security policy.

“Despite the abundance of internet-connected devices used by employees in the modern businesses, especially in the new hybrid working world, many feel their employers are not equipping them with the knowledge and tools they need to work securely, particularly when interacting with sensitive data," noted Justin Reilly, CEO of Impero.

> Half of Americans accept all cookies despite the security risk

> Microsoft reckons businesses are making a few fatal hybrid working mistakes

> Some Microsoft Office updates are being flagged as ransomware threats

“Employees shouldn’t need to be worried or threatened by the prospect of security breaches – their employers should provide the tools and training they need to feel secure. This is especially important at a time when the competition for talent is intense and ‘The Great Resignation’ looms large. A truly secure, connected working environment can only be achieved by harmonising people, processes and technology."

The research also found a quarter (24%) of employees said they weren't confident in recognizing cybersecurity threats while at work, while a similar number (26%) agree that their company could improve the quality of its cybersecurity training.

We've also featured the best VPN to keep you safe

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.