A new survey from BlueFort Security, a provider of cybersecurity solutions, reveals that despite office workers being aware of the cybersecurity challenges faced by their employer – especially when it comes to hybrid working – many admit to high risk behaviour including sharing passwords, downloading non-work related files and even losing work-owned devices.
Despite the above, a third (33 percent) of office workers said that they will not be taking any measures or extra precautions when transporting devices with access to company data from remote to office. And 12 percent said that nothing would make them take cybersecurity more seriously.
The survey of 2,001 UK office staff working in organisations with 500+ employees found that over a third (34 percent) believe cybersecurity awareness is the biggest issue when it comes to hybrid working. 33 percent cited personal use of company devices as another significant risk. Office workers also believe that managing cyber risk in the future will only become more complicated. The reasons for this include the threat surface becoming wider and more disparate (39 percent), managing a remote workforce is more difficult (35 per cent), and it will be less clear where endpoints are (26 percent).
Despite being aware of cybersecurity risks, many office workers admitted they have been victims of cybercriminals during the pandemic’s work from home and hybrid return to work period. 35 percent had received a phishing email, 24 percent had been subject to a data breach, and 23 percent had been impacted by a virus.
A closer look at their behaviour reveals a good indication as to why so many suffered cyber attacks:
- 30 percent admitted that they have used their company device for personal reasons since working from home
- 23 percent said that they have downloaded non-work-related files since working from home
- 23 percent admitted that they have not backed up files onto the company system
- 22 percent said that they have taken home company devices without the company’s knowledge
- Almost 1 in 5 (18 percent) have actually lost company devices since working from home
- 19 percent admitted they often reuse the same password.
Ian Jennings, co-founder and managing director at BlueFort Security said: “It’s frustrating that despite being aware of the risks, so many office workers are seemingly unwilling to make even small changes in their behaviour to help their largely overworked and under-resourced cybersecurity colleagues. And the fact that many have fallen victim to a cybercrime themselves makes the situation so much worse. Given it’s Insider Threat Awareness Month right now, the irony of the survey results is not lost on me.”
Jennings concluded: “The results of this latest study underline the importance of continued cybersecurity education, combined with technology that protects sensitive data wherever it is, be that on an end-user’s device, stored on-premise, hosted in the cloud, and increasingly nowadays being shared via an online collaboration tool.”
Book your place at BlueFort.Live, an event for and about UK CISOs, on 15th October at 3.30pm. The event will be hosted by internationally renowned cybersecurity expert, Graham Cluley.