A report commissioned by Skillcast found that senior-level employees were three-times less likely to report compromised passwords or suspicious IP addresses compared to entry-level staff.
As Cybersecurity Awareness Month draws attention to the growing importance of digital security, Skillcast found that cybersecurity was being neglected by UK CEOs, with only 6% of CEOs listing it as a top priority, ranking it ninth out of 12 major regulatory concerns.
Nearly half of UK workers (48%) would not immediately report a phishing email, with 41% delaying the reporting of compromised work passwords.
Younger CEOs – aged 18 to 24 – prioritised anti-bribery regulations, with 43% listing it among their top three concerns, while older CEOs – aged 55 to 64 – showed more focus on cybersecurity and tax compliance.
While customer satisfaction (21.4%) and revenue growth (18.4%) topped the list of business priorities, compliance and risk management, including cybersecurity, were deprioritised, with only 4% of CEOs ranking it as their top concern.
Vivek Dodd, CEO of Skillcast, said: “The data reveals a dangerous gap between the perception of cybersecurity risks and the actions being taken to mitigate them.
“Senior employees, not reporting cybersecurity threats, can leave companies particularly vulnerable to serious breaches.
“With cyberattacks becoming more sophisticated and regulatory scrutiny tightening, businesses cannot afford to ignore this area.”
Dodd added: “Cybersecurity needs to be embedded into every level of an organisation’s culture, from entry-level employees to senior leadership.
“During Cybersecurity Awareness Month, it’s critical to recognise that training and reporting mechanisms must be in place to ensure potential threats are identified and mitigated quickly.
“Every employee must be empowered to act as the first line of defence.”