Mention cyber security and some scenarios that spring to mind include data theft and cyber attacks by hackers.
Yet many cyber-security incidents are actually a result of human error, making employees an important line of defence in organisations' efforts to guard against cyber threats. The point was made by Communications and Information Minister Yaacob Ibrahim in announcing the launch of a new Employee Cyber Security Kit yesterday.
Speaking at the 2015 National Security Conference, Dr Yaacob said it is not enough to rely on only enhancing hardware and software systems to counter the latest cyber threats, but businesses will also need to build up "peopleware".
"A fortress may have thick and strong walls, but will still be vulnerable to attack if the guards carelessly leave the gate open," added Dr Yaacob, who is also Minister-in-charge of Cyber Security.
For example, a careless employee can "severely weaken" a company's defence against cyber threats by accessing an unsafe e-mail or Web link, using weak passwords, losing a company device or disclosing company information without proper safeguards.
Citing IBM's Cyber Security Intelligence Index 2014, Dr Yaacob said it is estimated that 95 per cent of all cyber-security incidents investigated by IBM involved human error.
This is where the Employee Cyber Security Kit can help. The free Web-based toolkit is targeted at SMEs to help them implement a structured employee education programme on cyber-security awareness. It features a range of tools such as a step-by-step guide to organising a town hall meeting to update staff on cyber security policies, a quiz to ascertain employees' level of cyber readiness and posters on preventive measures.
Mr Donald Wee, a director at Data Terminator, an SME with 12 employees, said he was considering incorporating the toolkit into the company's orientation programme for future new hires.
"It helps us to educate our employees, it helps us to save time and money," he said.
The toolkit, developed over three months, is a joint effort between the Singapore Business Federation (SBF), the National Security Coordination Secretariat and the Cyber Security Agency of Singapore.
Strong cyber-security capabilities can also give businesses a competitive edge. SBF chairman Teo Siong Seng said: "If you have proper cyber security, it would make us more competitive, and people are also confident to do business with us."
The toolkit is available at SBF's ePortal.