The latest Kaspersky report, “Taking care of corporate security and employee privacy: why cyber-protection is vital for both businesses and their staff”, highlights the ‘human side’ of cybersecurity incidents – examining the discomfort and losses employees face because following breaches. According to the report, around a third of employees (30%) in Saudi Arabia who are involved in the aftermath of an incident missed important personal events, had to work over night (26%), or suffered additional stress (23%). A quarter even had to cancel vacations (23%). While the risk of data breaches always exists, organizations need to keep data security under control so incidents don’t negatively impact employees’ attitude and a business’s reputation – especially during the COVID-19 outbreak.
Work-related stress encroaches on staff work-life balance, efficiency and motivation, with 76% of employees feeling it impacts personal relationships, and 16% even quit their current job because of it. This stress needs to be considered, especially now when so many people are working from home and struggling to maintain their productive working routine. For businesses, such stress can create an overall decrease in employee efficiency, affecting business performance and then leading to direct financial losses. For example, an increasing number of employee absent days caused by stress can cost a large enterprise up to $3.5 million annually. After all, it can also lead to a company’s reputation being potentially damaged as an employer.
As Kaspersky’s report has revealed, cybersecurity incidents may contribute to a negative work experience too – in fact, it has already happened in around half of SMBs (48%) and enterprises (53%) that experienced at least one data breach last year. The chart below reveals the personal consequences that IT and IT security managers face when they have to clean up after a company data breach. Stress is again the most likely ramification: a third (23%) of administrators fell into much more stress than they would usually – regardless if they were working in a big enterprise with advanced incident response practices, or in a medium-sized business without a dedicated IT security department.
“When talking about cybersecurity incidents in business, we often focus on what it costs to companies – like money, customer trust and other corporate consequences. But there is another aspect to consider; how employees live through such cases. It’s needless to say that additional stress at work or a disrupted work-life balance affects employee’s productivity and, even more critically, their mental and physical health. This shouldn’t be underestimated, because this can affect business too if staff members share their negative feelings outside the organization - impairing its reputation and brand as an employer. This can be especially critical for a business walking through a data breach when its wider reputation is already under attack,” comments Ara Arakelian, HR Manager for the Middle East, Turkey and Africa at Kaspersky.
The following steps can help organizations keep the impact of a breach on staff to a minimum: