Bad Cyber Security Behavior At Home Risks Being Taken Back To Work

Uploaded on 2021-06-28 in TECHNOLOGY--Resilience, FREE TO VIEW

Millions of workers, employees and managers who have worked remotely because of Coronavirus are beginning to return to the office,  possibly bringing the very bad cyber security habits of home working back into the office with them, putting companies at greater risk of serious cyber security incidents. 
 
A new survey by the email security experts Tessian explains that after more than a year of remote working, offices are reopening and nearly every business is adopting a hybrid working structure. This is allowing employees to work from home and or from the office, and that this significant change in working conditions creates a fundamental shift in cyber security priorities.  
 
Tessian surveyed over 4,000 employees in the US and UK across various company sizes and industries, along with 200 IT professionals, to better understand back-to-work trends. Their report, which analysed ‘Back to Work: Security Behaviours’,  reveals that nearly a third of employees (30%) believe they can get away with riskier security behaviours when working remotely, with two in five (39%) admitting the cyber security behaviours they practice while working from home are different to the behaviours practiced in the office. 

As numerous organisations  plan for the “great return”, their decision makers need to ask some tough questions:

  • Will employees need a refresh on safe cyber security behaviors in the workplace? 
  • How will the threat landscape change? 
  • What role will the CISO play in the new hybrid workforce?

Tessian found some equally tough answers in their survey results: 

  • More than half (56%) of IT leaders believe employees have picked up bad cyber security behaviors since working remotely.
  • The majority (69%) of IT professionals predict a spike in ransomware attacks and targeted phishing scams in the transition back to the office.
  • Over a quarter of employees are scared to admit they’ve made mistakes that compromise security at work.
  • Six in every ten IT leaders said the return to business travel will pose greater cybersecurity challenges and risks for their company.

“The shift to an all-remote workforce was a huge challenge for IT leaders, but the next transition to a hybrid work model is set to be even more challenging - particularly when it comes to employees’ behaviors,” said Tim Sadler, co-founder and CEO of Tessian. The risks Tessian have identified could result a rise in phishing attacks whereby threat actors impersonate airlines, booking operators, hotels, or even senior executives supposedly on a business trip. There is also the risk that employees accidentally leave devices on public transport or expose company data in public places.

“Employees are the gatekeepers to data and systems but expecting them to be security experts and scaring them into compliance won’t work. IT leaders need to prioritise building a security culture that empowers people to work securely and productively, and understand how to encourage long-lasting behavioral change overtime, if they’re going to thrive in this new way of working.” Sadler said.  

TESSIAN    Forbes:      RealWire:      Security Informed:       Infosecurity Magazine:     Image: Unsplash
 
You Might Also Read:
 
Remote Working & Cyber Security:
 
 
« Ukraine Cyber Police Crack Hacker Group
China Is Gaining Technical Supremacy »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Softtek

Softtek

Softtek provides comprehensive software Quality Assurance and Testing that identifies the correctness, completeness, and quality level of software products.

Keyfactor

Keyfactor

Keyfactor is a leader in cloud-first PKI as-a-Service and crypto-agility solutions. Our Crypto-Agility Platform seamlessly orchestrates every key and certificate across the enterprise.

Wallix

Wallix

Wallix is a software company offering privileged access management solutions for enterprises, public organizations and cloud service providers

International Telecommunication Union (ITU)

International Telecommunication Union (ITU)

ITU is the United Nations specialized agency for information and communication technologies – ICTs. Areas of activity include cybersecurity.

Cyber Security For Critical Assets (CS4CA)

Cyber Security For Critical Assets (CS4CA)

Cyber Security For Critical Assets is a global series of summits focusing on cyber security for critical infrastructure.

Antiy Labs

Antiy Labs

Antiy Labs is a vender of antivirus engine and solution, providing the best-in-breed antivirus engine and next generation antivirus services for confronting PC malware and mobile malware.

ACPL Systems

ACPL Systems

We offer leading-edge technology solutions, expert professional and managed services and proven methodologies to ensure your data is protected and business risks are reduced.

Firedome

Firedome

Firedome's tailormade solution for IoT companies is designed to proactively prevent, detect, and respond to inevitable vulnerabilities in connected devices.

Cyscale

Cyscale

Cyscale is a consultancy and development agency helping Enterprises adopt and migrate to the Cloud by providing an Automated Cloud Security Platform.

Blueskytec (BST)

Blueskytec (BST)

BST provide accredited, patent-pending commercial cyber security hardware and software to protect your cyber physical systems from attack.

Open Raven

Open Raven

Open Raven is the cloud native data security platform that prevents breaches driven by modern speed and sprawl. Restore full visibility and regain control within minutes, without agents.

WolfSSL

WolfSSL

wolfSSL is an embedded SSL/TLS library providing secure communication for IoT, smart grid, connected home, routers, applications, games, phones, and more.

Alcon Maddox

Alcon Maddox

Alcon Maddox is a niche recruitment and executive search firm specialised in sourcing exceptional Cyber Security sales and commercial leadership talent. Serving clients across the Middle East & Europe

1898 & Co

1898 & Co

Keep your critical assets secure with a comprehensive portfolio of services from high-level assessments to fully managed security services designed for operational technology applications.

AgilePQ

AgilePQ

AgilePQ visibly secures IoT devices worldwide to protect the privacy, safety, and well-being of all people.

Francisco Partners

Francisco Partners

Francisco Partners provide capital, expertise, and support for growth-aspiring technology companies.