Apparently not that much. Or at least, they do not take it as seriously as they should do. That is what Computerweekly.com reported on 1st December.
Technology is not enough. You can have high protection for your IT systems but if employees are not really careful, cyber criminals will take advantage of this weakness. According to David Emm, senior security researcher at Kaspersky Labs “Sometimes they (employees) simply do not realise the danger; sometimes they are taken in by the lure of something for nothing; and sometimes they cut corners, such as using the same password for all online accounts”.
Companies should spend more time on how to involve their employees into the IT security processes of the business, to minimise potential vulnerabilities. There are several solutions that could help reduce the risk of this problem.
Firstly, you can create strict rules concerning the use of IT systems, equipment and data. Then you can inform your employees regularly about existing and potential threats. Finally, you can set up some IT training about IT security (who, why, where, when, how…).
IT Infrastructure Security and Employee Training - London, UK - Proxar IT Consulting.