Office workers unwilling to change their behavior, despite being aware of the cybersecurity challenges
Despite office workers being aware of the cybersecurity challenges faced by their employer – especially when it comes to hybrid working – many admit to high risk behavior including sharing passwords, downloading non-work related files and even losing work-owned devices, a BlueFort Security survey reveals.
Despite the above, 33 percent of office workers said that they will not be taking any measures or extra precautions when transporting devices with access to company data from remote to office. And 12 percent said that nothing would make them take cybersecurity more seriously.
The survey of 2,001 UK office staff working in organizations with 500+ employees found that 34 percent believe cybersecurity awareness is the biggest issue when it comes to hybrid working. 33 percent cited personal use of company devices as another significant risk.
Managing cyber risk to become more complicated
Office workers also believe that managing cyber risk in the future will only become more complicated. The reasons for this include the threat surface becoming wider and more disparate (39 percent), managing a remote workforce is more difficult (35 percent), and it will be less clear where endpoints are (26 percent).
Despite being aware of cybersecurity risks, many office workers admitted they have been victims of cybercriminals during the pandemic’s work from home and hybrid return to work period. 35 percent had received a phishing email, 24 percent had been subject to a data breach, and 23 percent had been impacted by a virus.
A closer look at office workers behavior
A closer look at their behaviour reveals a good indication as to why so many suffered cyber attacks:
- 30 percent admitted that they have used their company device for personal reasons since working from home
- 23 percent said that they have downloaded non-work-related files since working from home
- 23 percent admitted that they have not backed up files onto the company system
- 22 percent said that they have taken home company devices without the company’s knowledge
- 18 percent have actually lost company devices since working from home
- 19 percent admitted they often reuse the same password.
Ian Jennings, managing director at BlueFort Security said: “It’s frustrating that despite being aware of the risks, so many office workers are seemingly unwilling to make even small changes in their behavior to help their largely overworked and under-resourced cybersecurity colleagues. And the fact that many have fallen victim to a cybercrime themselves makes the situation so much worse. Given it’s Insider Threat Awareness Month right now, the irony of the survey results is not lost on me.”
Jennings concluded: “The results of this latest study underline the importance of continued cybersecurity education, combined with technology that protects sensitive data wherever it is, be that on an end-user’s device, stored on-premise, hosted in the cloud, and increasingly nowadays being shared via an online collaboration tool.”