Insurance comparison site comparethemarket.com.au has published the results of a survey of 1,007 Australian employees who use a computer at work, revealing that a staggering 44 per cent have put their company at risk of a cyber attack.
Medium-sized businesses (20–199 employees) compromised their employer the most, according to the findings, with 53 per cent of respondents admitting to potentially unsafe activity on their work computer.
This is followed by large organisations of 501–1,000 employees (48 per cent of respondents), organisations of 201–500 employees (47 per cent) and 43 per cent of employees in small businesses (0–19 employees).
Comparethemarket.com.au also found, among employees who had carried out risky computer behaviours, 61 per cent admitted they had opened an attachment in an email from an unknown source, and half (50 per cent) had opened a link in an email from an unknown, external contact.
Among these, employees in medium-sized businesses are the biggest culprits, with this type of activity at 66 per cent.
The comparison site warned that opening emails from unknown recipients can actually be hugely damaging, with recent research pointing to the fact that one in 728 emails in Australia is a malicious email, and 48 per cent of all malicious email attachments are in an Office file format.
According to the Australian Competition and Consumer Commission, in 2018 email scams cost businesses more than $60 million in lost revenue and time.
Further computer-related actions respondents admitted to doing at work included downloading an app or software from a third-party website without their employer’s permission (29 per cent) and sharing emails from friends or other contacts that are going viral where the original source is unknown (22 per cent).
Concerningly, according to the small business ombudsman, 87 per cent of small business owners think using antivirus software alone means they’re safe from cyber attacks.
However, comparethemarket.com.au also revealed that 33 per cent of employees have ignored computer notifications and updates on their computers, meaning that many are not protected.
The government has recommended businesses have a cyber-security policy in place to minimise the chances of online attacks, so employees are fully educated around safe computer usage. Among other things, the government recommends employers set rules around handling technology and prepare for an incident in advance.
For more information, visit the government’s dedicated page.