13 August 2018
While employees across the continent understand security risks, they are taking less action than their global counterparts.
European workers have the worst cyber security discipline in the world and are displaying signs of ‘security fatigue’.
That's despite being fully aware of security risks following the introduction of high-profile legislation like GDPR.
Those are some of the findings of a study released earlier today by Aruba.
Conducted to understand how the digital workplace is impacting businesses, its survey interviewed a total of 7,000 employees from organisations of all sizes, across both public and private sectors.
It focused on the industrial, government, retail, healthcare, education, finance, and IT/technology/telecoms sectors.
Respondents were interviewed in the UK, Germany, France, the Netherlands, Spain, UAE, US, Singapore, Japan, Australia, India, Brazil, Mexico, China and South Korea.
Of the 2,650 European employees interviewed, 55 per cent said that they were not regularly thinking about cyber security at work, with nearly a fifth (17 per cent) not thinking about it at all.
In contrast, those in Asia and the Americas think about cyber security on a far more regular basis, with 61 and 51 per cent respectively, considering it often or daily.
When asked, 42 per cent in Europe understood that data loss brought legal ramifications, higher than both the Americas (36 per cent) and Asia (27 per cent).
But while Europe's employees are more aware of the dangers of a security breach, Aruba says legislation is not a deterrent – 26 per cent said cyber security was not important to them.
Combined with the fact that the use of security software is lower in Europe (48 per cent) than other regions, the company says there are clear signs that security warnings are not being acknowledged by the workforce.
It believes Europe may simply be assuming less responsibility for IT security than those in other regions.
More than a third (36 per cent) of European employees don’t believe cyber security is their problem, with many thinking it’s for the leadership team (10 per cent) or the IT department (26 per cent) to manage.
Morten Illum, Aruba’s EMEA VP, reckons this attitude could be due to ‘security fatigue’ brought on by over-exposure to security rules with little technical assistance:
“Employees in Europe have been inundated with security messaging through their organisations, as well as the media. Clearly giving further warnings and adding procedures isn’t having the desired effect.
“If employees understand the risks, but aren’t acting on it, the answer is not to provide yet more training, but to bring in enhanced technology that can provide the assistance and the protection workers need to do their jobs.”
Within Europe, UK employees are the most concerned about data security – 53 per cent of respondents here believe it to be extremely important which is greater than in France (45 per cent) and Germany (39 per cent).
According to the study, French employees don’t grasp the legal dangers of a breach with only 20 per cent understanding the legal ramifications of a data breach, compared to 50 per cent of UK employees.
In Spain, 41 per cent think cyber security isn’t important for a working environment, while those in the Netherlands have the lowest opinion of their cyber security at work with 50 per cent describing it as ‘fair’, ‘poor’ or ‘very poor’.
Aruba says an autonomous approach to security is increasingly becoming more of an imperative as mobile and remote working is becoming the norm.
In Europe, its study found that the amount of employees working in remote or shared locations is now at 53 per cent.
The company reckons this new paradigm creates the need for smart digital workplaces that deliver secure and reliable, optimised and personalised experiences.
Aruba reckons all this will foster employee creativity, collaboration and speed, and without “clunky” security systems causing barriers.
