Website Notifications

Get notifications in real-time for staying up to date with content that matters to you.

‘Employees are your biggest cyber security risk’

Cyber security risk

New research has revealed that the online activities of close to a half of Australian employees have put their employers at risk of online attacks, with medium-sized businesses proving to be the worst offenders. 

Insurance comparison site comparethemarket.com.au has published the results of a survey of 1,007 Australian employees who use a computer at work, revealing that a staggering 44 per cent have put their company at risk of a cyber attack.

Medium-sized businesses (20–199 employees) compromised their employer the most, according to the findings, with 53 per cent of respondents admitting to potentially unsafe activity on their work computer.


This is followed by large organisations of 501–1,000 employees (48 per cent of respondents), organisations of 201–500 employees (47 per cent) and 43 per cent of employees in small businesses (0–19 employees).

Comparethemarket.com.au also found, among employees who had carried out risky computer behaviours, 61 per cent admitted they had opened an attachment in an email from an unknown source, and half (50 per cent) had opened a link in an email from an unknown, external contact.

Among these, employees in medium-sized businesses are the biggest culprits, with this type of activity at 66 per cent.

The comparison site warned that opening emails from unknown recipients can actually be hugely damaging, with recent research pointing to the fact that one in 728 emails in Australia is a malicious email, and 48 per cent of all malicious email attachments are in an Office file format.

According to the Australian Competition and Consumer Commission, in 2018 email scams cost businesses more than $60 million in lost revenue and time.

Further computer-related actions respondents admitted to doing at work included downloading an app or software from a third-party website without their employer’s permission (29 per cent) and sharing emails from friends or other contacts that are going viral where the original source is unknown (22 per cent).



Educating employees 

Concerningly, according to the small business ombudsman, 87 per cent of small business owners think using antivirus software alone means they’re safe from cyber attacks.

However, comparethemarket.com.au also revealed that 33 per cent of employees have ignored computer notifications and updates on their computers, meaning that many are not protected.

The government has recommended businesses have a cyber-security policy in place to minimise the chances of online attacks, so employees are fully educated around safe computer usage. Among other things, the government recommends employers set rules around handling technology and prepare for an incident in advance. 

For more information, visit the government’s dedicated page.

Maja Garaca Djurdjevic

Maja Garaca Djurdjevic is the editor of My Business. 

Maja has an extensive career as a journalist across finance, business and market intelligence. Prior to joining Momentum Media, Maja spent several years unravelling social, political and economic intricacies in Eastern Europe. 

You can email Maja on This email address is being protected from spambots. You need JavaScript enabled to view it. 

‘Employees are your biggest cyber security risk’
mybusiness logo