To mitigate security risks, organizations can start by training their own employees.
Investing in employee security training and awareness can significantly reduce security-related risks from anywhere between 45 and 70 percent, according to research conducted by Wombat Security Technologies and Aberdeen Group.
Their research also finds there is an 80 percent chance that organizations with $200 million in annual revenue will have to pay up to $2.5 million a year due to insecure employee behavior. There is a 20 percent likelihood the costs from inappropriate employee behavior surpass $8 million, according to the research.
"It's important for security teams to communicate clearly about the risks that organizations are accepting when their employees' response to cyber threat is not addressed," said Derek Brink, vice president and research fellow for Aberdeen Group.
More articles on cybersecurity:
This hospital device could be the source of the next data breach
5 must-have IT skills for 2015
Who should be held responsible for device cybersecurity?