Research from digital communications provider Zivver found that 62% of workers admitted to sending emails in error, with 78% citing having to use too many IT systems as a contributing factor.
A lack of training could also be playing a part, as a third (33%) of employees claimed to receive no data security training in the last two years.
Cyber security in the workplace:
Robert Fleming, vice president at Zivver, said cyber security isn't treated as seriously as it should be.
Speaking to HR magazine, he said: "Security is often seen as a check box exercise by employees and management – just something to achieve compliance and nothing more.
"It's clear that training, on its own, is failing. Employees want to be free to do their work without being inhibited by security regulations, processes, or platforms. If security gets too onerous, it will become a mere afterthought - which is how mistakes happen."
IT leaders have recognised that there could be a problem, with 91% admitting they could be more progressive in how they tackle risk management, and a further 72% said they should regularly review their approach to email security.
Fleming added that HR should look for technology which provides a safety net for employees in case of mistakes, to alleviate some of the pressure on them and avoid costly mistakes due to simple errors.
He added: "Rather than burdening staff with extra security policies, smart technology is rapidly being viewed as a key part of the remedy.
"To create the best possible conditions, leaders need to implement tools, platforms and procedures that give every member of staff the freedom to focus, communicate freely, and take a few risks in the knowledge that if they make a mistake, the technology is there to catch it for them. Training on its own, no matter how good, isn’t enough to keep a business secure anymore.”
Zivver surveyed 6000 employees and 850 IT leaders across Europe and the US during March 2022 - 1000 employees and 250 IT leaders were from the UK.