Our Wired World

Cybersecurity Training Found Lacking In The Finance Sector

1 in 3 finance workers haven’t been cybersecurity trained

A new study from NordLocker reveals gaps in cybersecurity in the workplace around finance institutions.

A pretty impressive 31% of employees in the finance sector haven’t had cybersecurity training arranged by their current employer, according to a new survey commissioned by NordLocker, an encrypted cloud service provider. This is alarming information as the same survey reveals 88% of finance professionals handle confidential data at work.

“Since finance is among the top three industries most hit by ransomware, the organizations that don’t train their employees how to identify the potential risks and about the right measures to avoid them are on the brink of falling victim to various cybercriminal activities,” explains Oliver Noble, a cybersecurity expert at NordLocker.

7% Don’t Use Any Cybersecurity Tools

The survey reveals that 7% of employees in the finance sector don’t use any cybersecurity tools at work. Among those who do use protection on their digital devices, antivirus is the most popular software (72%) followed by a password manager (63%), a VPN (61%), and a file encryption tool (52%).

“With cyber racketeers going after the overwhelming amount of sensitive client data financial service providers have access to, employers who don’t urge their employees to use the necessary cybersecurity tools, or even worse, don’t provide them, are putting their reputation at stake,” says Oliver Noble. “Unsecured IoT devices, such as printers, can provide a pathway to a company’s computer systems.”

18% Would Blame Their Employer for a Data Breach

When asked who should be responsible if they accidentally caused a data breach in their workplace, the majority of finance workers answered with “both the employer and the employee” (53%). However, almost one in five respondents (18%) would solely blame their company if they were involved in a data breach.

“With the human element being one of the weakest links in a company’s cybersecurity and hackers looking for vulnerabilities to exploit, it’s easy to see why many employees believe their employer should ensure appropriate means to be able to withstand threats,” Noble says.

Four Easy-to-Implement Cybersecurity Practices for Finance Employees

  • Make sure your employees use strong and unique passwords to connect to your systems. Better yet, implement multi-factor authentication.
  • Secure your email by training your staff to identify signs of phishing, especially when an email contains attachments and links.
  • Implement and enforce periodic data backup and restoration processes. An encrypted cloud might be the most secure solution for this.
  • Adopt zero-trust network access, meaning that every access request to digital resources by a member of staff should be granted only after their identity has been appropriately verified.




Methodology: NordLocker commissioned a survey of 1,500 industry professionals in the US in October 2021.
About NordLocker
NordLocker is the world’s first end-to-end file encryption tool with a private cloud. Created by the cybersecurity experts behind NordVPN – a world-renowned VPN service provider – NordLocker makes sure your files are protected from hacking, surveillance, and data collection. Available for both desktop and mobile, NordLocker supports all file types, offers a fast and intuitive interface, and guarantees secure sync between devices. For more information visit nordlocker.com.