09 December 2024

New research conducted by CyberSmart indicates that organisations not only allow employees to use their personal mobile phones to complete work tasks but actively expect them to.

The research polled 250 small-medium enterprise (SME) business owners or leaders in the UK, and found that 60% of organisations expect their employees to use mobile devices to carry out work tasks despite not providing all of them with work mobile phones.

Equally concerning is that 60% of staff members are not expected to carry out mobile security training. An organisation that allows employees to use personal mobile phones to carry out work without security training is massively increasing the chance of a security incident taking place across mobile devices. Elsewhere, the survey unearthed a worrying lack of concern from business leaders regarding cyber security and employee security. 40% of organisations do not have a mobile code of conduct in place for employees.

“While these results are concerning, SMEs in the UK remain chronically underserviced by the cybersecurity industry,” said Jamie Akhtar, Co-Founder and CEO at CyberSmart. “It is important to make the distinction that many of these organisations have limited resources and are already stretched thin making it difficult for them to invest in cybersecurity. We would advise SMEs to engage with solution providers who understand their specific needs, and more broadly would advise them to consistently focus on cybersecurity training, IT policies and fostering a more security-conscious culture would help them to achieve a more secure workplace.”