British Organisations Are Unready For Remote Work

Every industry has been affected in some way since the emergence of Coronavirus. It has changed the way in which we all work and created new opportunities for cyber criminals to target remote workers. Working from home has become  a gateway for such criminals to carry out alternative forms of data theft. 

Now, research reveals that half of UK businesses lack the most basic cyber security skills, prompting urgent calls for employers to take action. 

The research has found that UK businesses are ill-equipped to deal with cyber attacks, despite 60 per cent experiencing one in the last 12 months. The majority of surveyed UK organisations are relying on employee education rather than wider strategy changes to meet the challenges of modern remote work scenarios. 

According to research by ManageEngine, 67 percent of organisations raised employee awareness around security threats and 66 percent provided training on cyber security. According to ManageEngine’s Digital Readiness Survey, which polled more than 300 IT professionals in the UK, employees don’t appear to be fully engaged with these best-practice initiatives and less than half (47 percent) of organisations have adapted their organisational security strategy.  

Another study, carried out by ThycoticCentrify, found that 79% of respondents have engaged in one least one risky activity over the past year. More than a third (35%) have saved passwords in their browser in the last year, a similar number (32%) have used one password to access multiple sites, and around one in four (23%) have connected a personal device to the corporate network.

Most organisations have neither introduced new solutions nor configured their existing architecture to reflect the changing ecosystem, despite the obvious dangers of dealing with a remote workforce. 

  • Only 42 percent monitor employee devices to ensure their security. 
  • 76 percent of IT purchases are being made without direct approval from IT teams, creating a disconnect between them and other departments and opening the organisation up to security vulnerabilities from unpatched software. 
  • 95 percent of companies are planning to continue supporting remote workers for at least the next two years, determining how to adapt and enforce security strategies is critical given the rise in security threats. 
  • 45 percent of organisations have experienced an increase in phishing, followed by increases in account hijacking (38%), social media-based attacks (36 percent) and endpoint network attacks (34 percent).

Key to tackling these emerging threats upfront is placing a renewed focus on the role of the IT leadership in the organisation, according to Chris Windley, Chairman and CEO of the Cyber Security Association. “The level in which IT is embedded within the wider organisation still varies depending on the business. This disconnect, in terms of level of authority and lack of sufficient operating budget, is leading IT professionals to become ‘yes/no people’ as opposed to informed consultants to other teams... There needs to be a more collaborative approach in terms of how the IT team works with the business as a whole, and how it enables access to the right tools and software to ensure cyber and data security, and integrity.”

DBXUK:     Contiuity Central:       Business Cloud:        ITPro:      People Management:  

You Might Also Read: 

Employee Cyber Security Training Is Vital To Reduce Attacks

 

« National Cybersecurity Failings: How Businesses Can Improve Their Security
Germany Accuses Russia Of Electoral Interference »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Acunetix

Acunetix

Acunetix is a leading web vulnerability scanner, widely acclaimed to include the most advanced SQL injection and XSS black box scanning technology.

PCI Compliance Guide

PCI Compliance Guide

The PCI Compliance Guide is one of the leading educational websites available focused exclusively on PCI compliance.

Cyber Aware

Cyber Aware

Cyber Aware aims to drive behaviour change amongst small businesses and individuals, so that they adopt simple secure online behaviours.

Referentia

Referentia

Referentia leads the development of critical infrastructure solutions that benefit society, including cyber security and network performance management.

EdgeWave

EdgeWave

EdgeWave provides simple but highly effective data security and advanced threat protection in solutions that are affordable, scalable and easy to use.

NetGuardians

NetGuardians

NetGuardians is a leading Fintech company recognized for its unique approach to fraud and risk assurance solutions.

Regulus Cyber

Regulus Cyber

Regulus enables drones, robots and autonomous vehicles to operate safely, without malicious or accidental interference to the operation of their mission.

Protec

Protec

Protec is a leader in cyber resilience providing information security, risk management and audit services – bringing stability and peace of mind to our customers.

Tigera

Tigera

Tigera provides zero-trust network security and continuous compliance for Kubernetes platforms that enables enterprises to meet their security and compliance requirements.

Information & eGovernment Authority (iGA) - Bahrain

Information & eGovernment Authority (iGA) - Bahrain

The Information & eGovernment Authority facilitates many services catering to different parts of the community within the IT sector in Bahrain including information security.

Cyber Security Forum Initiative (CSFI)

Cyber Security Forum Initiative (CSFI)

CSFI is a non-profit organization with a mission to provide Cyber Warfare awareness, guidance, and security solutions through collaboration, education, volunteer work, and training.

Real Protect

Real Protect

Real Protect is a Brazilian provider of managed security (MSS) and cyber defense services.

MorganFranklin Consulting

MorganFranklin Consulting

MorganFranklin Consulting is a management advisory firm that works with businesses and government to address complex and transformational technology and business objectives including cybersecurity.

Naq Cyber

Naq Cyber

Naq is the number one platform for SMEs looking to become legally compliant and protect against cybercrime and other data-related incidents.

CloudScale365

CloudScale365

CloudScale365 offers state-of-the-art managed IT services and cloud, hosting, security, and business continuity solutions.

Obsidian Security

Obsidian Security

Protect your business-critical applications by mitigating threats and reducing risk with Obsidian, the first truly comprehensive security solution for SaaS.