The more digital and technological developments can be seen in today’s digital world the more cybersecurity concerns of the companies arise each and every day. Over the past years, the cybersecurity breaches have increased enormously. In addition, the breaches are not only very costly but also damage the companies’ reputation and decrease their market value.
According to recent research, employee’s security behavior is an elementary area to look at when it comes to the cybersecurity concerns. If a company is aware of the internal information security and procedures it is able to manage the rising cybersecurity tasks. However, for those who do not pay attention to their companies’ cybersecurity policies, suddenly fat hits the fire and things are getting more complicated. The research on cybersecurity showed that there are also employees who underestimate information security risks and when cybersecurity breaches break out, they become silent and behave as if they are uninformed about the situation. Apart from the employees who leak valuable data intentionally and maliciously, there are many employers who cause cybersecurity problems without even noticing it.
However, in order to understand how the problem of unreported cybersecurity breaches develops, we should ask these questions: ‘ Why do employees choose to become silent when they cause or notice that others cause cybersecurity concerns?’ and ‘Why might employees be discouraged from reporting security issues and breaches?’ There are multiple reasons. For one, many employees have the fear of being punished or getting fines, if they report an error that they caused. This is often not even unjustified, since many work contracts state that if an employee damages company data, causes errors or breaches security measures, they will at least get a warning notice. Depending on the general company culture, this can lead to a feeling of mistrust between colleagues and the company in general. Moreover, it is determined in the studies that employees having more stress in their lives are more likely to break rules of security protocols since being more stressed reduces their tolerance for following rules and regulations.
It is impossible to say that when employees fail to follow the certain rules and procedures about cybersecurity, the security problems occur. This is the reason why they are discouraged to report security issues and breaches due to fear and shame since they might think that they have done something unfixed.