The BBC is dealing with 1,000 security incident reports every month following widespread work to improve employee cyber awareness, according to BBC head of information security David Jones.
The figure was revealed during a roundtable discussion at InfoSec Europe 2015 on establishing an enterprise-wide cyber security culture.
Jones explained that the BBC saw a dramatic rise in incident reports from staff following reforms to its security team's operations.
"One thing they're good at is engaging with teams directly, and we've been focusing on this," he said.
"By the end of the year they'll have given presentations to every local radio station. My team are geographically split so they can go and become real to the people they deal with."
Jones explained that BBC staff also have names of individuals not just a department. So rather than having to express a worry to a faceless bureaucracy they can send a message to someone they've met and be treated as a person.
"That makes them more likely to report events. We were receiving 20 to 30 emails every month into the incident box last year. Now we're averaging over 1,000. This is great. It's the first warning we get," he said.
Jones added that the improved security reporting culture has helped the corporation to deal with incidents and problems much more quickly.
"In terms of the reports I'd say 80 percent require action. Keep in mind we can see a spike in reports where people report duplicate phishing messages, but the majority of the information is actionable," he said.
"Some of it is tightening up controls or blocking a source coming into a system. But in general we have no messages coming in we'd consider a waste of time."
Jones listed the BBC's move to tailor the security team's message to specific departments and individuals as another key reason for the increased transparency around incidents.
He highlighted the BBC's reaction to the Sony Entertainment breach as evidence of his claim.
"[With the] Sony Entertainment breach, we could go out and do a message saying this is how it happened, don't do that. But most don't see that as relevant to them, they just find it interesting. So we changed the message for specific staff," he explained.
"For general staff we talked about how it all came about from one mistake and how losing health and payment records would affect them. For the entertainment creative people we talked about how they'd feel if their shows were suddenly released onto the internet.
"For managers and C-level we talked about what it would mean to the business and their careers if their personal emails were released. We teach people to protect themselves and as such the business."
The Sony breach occurred in 2014 when hackers, believed to be sponsored by the North Korean government, breached the Entertainment division's systems and published sensitive intellectual property and employee information online.
The BBC is one of many organisations to cite the Sony breach as evidence of the hacker threat facing UK business.
Ciaran Martin, GCHQ's director general for cyber security, said during an earlier keynote at InfoSec that the Sony attack showed that businesses and government need to collaborate when fighting cyber threats.
Q3 losses reverse Q2 gains
FBI briefing US companies to dump Kaspersky, claiming intelligence prove it a 'threat to national security'
Kaspersky rejects FBI accusations that its products are a 'threat to national security'
But breached contractor says that it simply didn't have that much data
EE follows Three in threatening legal action against Ofcom - but for entirely different reasons