Employee Awareness Recognized as Biggest Lockdown Security Failing

Employee awareness is seen as the biggest area of weakness for firms’ cybersecurity strategies over the past few months of mass remote working during COVID-19, according to a new study.

Secure storage firm Apricorn received over 23,500 responses from a poll of its Twitter followers in October exploring business preparedness during the pandemic.

Over 30% said that employee education was the area most in need of improvement at their organization. Home workers may be more distracted than they would otherwise be in the office, IT support feels more remote and devices or PCs may be less well secured, presenting increased cyber-risk to organizations.

New Mimecast research out this week revealed that nearly half (45%) of remote workers open emails they consider to be suspicious while 73% use their corporate devices for personal matters, potentially exposing it to cyber-threats.

“IT and security teams had to scramble to respond to this crisis and in doing so, left a lot of companies wide open to breach. Nine months into employees working remotely, some know already that they have been attacked. Others think they may have been but can’t be sure,” argued Apricorn’s EMEA managing director, Jon Fielding.

“In the same way that we had to learn how to protect ourselves from illness and modify our behavior, we had to also learn how to protect our data outside of the firewall and more importantly, to remain vigilant about it.”  

However, improving staff security awareness and education may not be that easy.

Trend Micro research from earlier this year revealed that remote workers continue with their bad habits whilst claiming that: they feel more conscious of their organization’s cybersecurity policies (72% ) since lockdown began; they take IT instructions seriously now (85%); and that cybersecurity is partly their responsibility (81%).

According to Apricorn, 40% of employees felt that they were not fully prepared to work at home securely and productively, with 18% claiming they lacked the right technology and 16% saying they were not sure how to. A fifth (20%) said they were still not able to work remotely. 

What’s Hot on Infosecurity Magazine?