Do I need to train employees on data protection?


Business resilience is all the rage and has clearly become more important for companies in all sectors. Business resilience is a term that combines crisis-management and business continuity – it represents the ability of organisations to rapidly adapt and respond to all types of risks, including cyber attacks and data breaches.

This blog will help you understand how data protection staff training will future-proof your company by helping to prevent cyber attacks and data breaches.

Cyber Attacks and Data Breaches

 

What is a data breach?

When you think of a data breach, is it hackers and ransomware that you think of? If you do, you’re not alone. Most people think of a cyber security threat when they think of a data breach.

However, would you be surprised to find out that most data breaches are caused by human error? In fact, according to the ICO, in 2020 there were over twice as many non-cyber security incidents as there were cyber incidents – 1857 to 737.

Cyber security incidents

INCIDENT TYPE                                                   NUMBERS
Brute force                                                          19
Hardware/software misconfiguration                                   22
Malware                                                              41
Other cyber incident                                                 55
Phishing                                                            258
Ransomware                                                          152
Unauthorised access                                                 190
Cyber security incidents total                                      737

Non-cyber security incidents

INCIDENT TYPE                                                   NUMBERS
Alteration of personal data                                           3
Data emailed to incorrect recipient                                 402
Data of wrong data subject shown in client portal                    33
Data posted or faxed to incorrect recipient                         266
Failure to redact                                                   105
Failure to use bcc                                                   80
Incorrect disposal of hardware                                        4
Incorrect disposal of paperwork                                       9
Loss/theft of device containing personal data                        46
Loss/theft of paperwork or data left in insecure location           141
Not provided                                                         91
Other non-cyber incident                                            613
Verbal disclosure of personal data                                   64
Non-cyber security incidents total                                 1857

 

What is the cause of most workplace data breaches?

 

The fact is, data breaches are mostly caused by people, your staff, making mistakes. As you can see from the chart, the most common data breaches were:

1. ‘data emailed to incorrect recipient’

2. ‘data posted or faxed to incorrect recipient’

3. ‘phishing’, which also involves human error.

So now that you know that human error is the major cause of data breaches, the next thing to ask is ‘what can I do to reduce the risk of human error?’  The answer to that is simple… it’s ‘staff training’.

 

Staff training in data protection builds business resilience

Your employees are a critical factor in your organisation’s resilience. They are the front line – they are the ones that can cause data breaches or prevent them.

Staff training in data protection helps reduce the number of data breaches, which in turn can help prevent loss of trust and reputation, protect your customers’ privacy, and improve your brand’s value.

Staff training should include:

Managing online risk
Staff need to recognise online phishing activity and know how to avoid a hacker’s attempts to uncover sensitive information.

Protecting personal data
Staff should know what constitutes personal data and understand their responsibility for that data. They should understand the data protection principles and how these work in practice. Staff should also know what a data breach looks like and how to avoid having one.

Safe device usage
Staff should have strategies and techniques for the safe use of personal mobiles and tablets. They should know about password safety and remote working best practices.

Starters and movers
Make sure that all new starters receive data protection training within the first month of starting.  Have refresher training at least once a year. And don’t forget the movers – provide training that is appropriate to a staff member’s new position.

A data breach exposes the vulnerabilities of an unprepared business.

 

Don’t want to be caught unprepared? Speak to us.

 

Don’t let this ‘unprepared business’ be you. Work on your business’s resilience and ensure that your staff are trained in data protection. Help your team protect your reputation and your brand.

We’re here to help every step of the way, so contact us and book a free consultation today!

 
