Enterprises need to acknowledge the importance of basic cyber hygiene

Cyber hygiene concept image showing birds-eye view of woman typing on a laptop in a public setting, with coffee cup placed next to laptop.

(Image credit: Getty Images)

The majority (92%) of enterprises that fell victim to a security breach believe more robust cyber hygiene practices could’ve prevented disaster, according to new research.

In a new study from Swimlane, more than half (52%) of organizations said their “greatest weakness” lies in human mistakes, underlining the need for better employee training and awareness.

Yet despite this, efforts to improve cyber hygiene are still often overlooked by leadership, with just 32% of respondents noting that hygiene and resilience rank high on C-suite priority lists.

This, the study noted, suggests leaders continue to “underestimate how much fundamentals drive overall risk reduction”.

“The fundamentals of security shouldn’t be the hardest part, but they remain the weakest link,” said Michael Lyborg, CISO at Swimlane.

“Too many teams treat hygiene as a checklist instead of a living process. Intelligent automation makes it continuous, measurable, and built-in, turning resilience from a goal into a deliverable outcome.”

Most cyber slip-ups are preventable

According to Swimlane, most cybersecurity incidents are still preventable, highlighting continued failings on the part of both leadership and broader workforces.

Two-thirds of organizations said they faced an incident in the past year, yet just 15% self-identified as having “mature” cyber hygiene practices.

Businesses are beginning to take proactive steps to mitigate risks, however. Just over two-thirds (67%) said they now audit user access privileges on a quarterly basis – although Swimlane hinted that this cadence could be improved.

A serious cause for concern flagged by the study centered around security practices with vendors and suppliers.

More than half of enterprises admitted they fail to "continuously assess” vendor and supplier security after onboarding, a practice that needs to be addressed given surging supply chain security risks.

According to the study, turning to AI tools could help bridge gaps here. An overwhelming majority of respondents (84%) said AI can help enhance cyber hygiene by automating processes.

“Cyber resilience depends on operational discipline as much as technological sophistication,” said Cody Cornell, co-founder and CEO at Swimlane.

We’re at a turning point where agentic AI can finally make the fundamentals automatic. The organizations that embed AI agents into daily automated workflows will transform hygiene from a persistent challenge into a lasting competitive advantage.”

Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.

MORE FROM ITPRO

Ross Kelly is ITPro's News & Analysis Editor, responsible for leading the brand's news output and in-depth reporting on the latest stories from across the business technology landscape. Ross was previously a Staff Writer, during which time he developed a keen interest in cyber security, business leadership, and emerging technologies.

He graduated from Edinburgh Napier University in 2016 with a BA (Hons) in Journalism, and joined ITPro in 2022 after four years working in technology conference research.

For news pitches, you can contact Ross at ross.kelly@futurenet.com, or on Twitter and LinkedIn.