Wilful ignorance? Survey reveals the cyber risk of office workers unwilling to adapt their behaviour
New study from BlueFort Security reveals nearly a quarter of office workers have been subject to a data breach, but a third not prepared to take any extra precautions.
A new survey from BlueFort Security, a provider of cybersecurity solutions, reveals that despite office workers being aware of the cybersecurity challenges faced by their employer - especially when it comes to hybrid working - many admit to high risk behaviour including sharing passwords, downloading non-work related files and even losing work-owned devices.
Despite the above, a third (33 percent) of office workers said that they will not be taking any measures or extra precautions when transporting devices with access to company data from remote to office. And 12 percent said that nothing would make them take cybersecurity more seriously.
The survey of 2,001 UK office staff working in organisations with 500+ employees found that over a third (34 percent) believe cybersecurity awareness is the biggest issue when it comes to hybrid working. 33 percent cited personal use of company devices as another significant risk. Office workers also believe that managing cyber risk in the future will only become more complicated. The reasons for this include the threat surface becoming wider and more disparate (39 percent), managing a remote workforce is more difficult (35 per cent), and it will be less clear where endpoints are (26 percent).
Despite being aware of cybersecurity risks, many office workers admitted they have been victims of cybercriminals during the pandemic’s work from home and hybrid return to work period. 35 percent had received a phishing email, 24 percent had been subject to a data breach, and 23 percent had been impacted by a virus.
A closer look at their behaviour reveals a good indication as to why so many suffered cyber attacks:
30 percent admitted that they have used their company device for personal reasons since working from home
23 percent said that they have downloaded non-work-related files since working from home
23 percent admitted that they have not backed up files onto the company system
22 percent said that they have taken home company devices without the company’s knowledge
Almost 1 in 5 (18 percent) have actually lost company devices since working from home
19 percent admitted they often reuse the same password.
Ian Jennings, co-founder and managing director at BlueFort Security said: “It’s frustrating that despite being aware of the risks, so many office workers are seemingly unwilling to make even small changes in their behaviour to help their largely overworked and under-resourced cybersecurity colleagues. And the fact that many have fallen victim to a cybercrime themselves makes the situation so much worse. Given its Insider Threat Awareness Month right now, the irony of the survey results is not lost on me.”
Jennings concluded: “The results of this latest study underline the importance of continued cybersecurity education, combined with technology that protects sensitive data wherever it is, be that on an end-user’s device, stored on-premise, hosted in the cloud, and increasingly nowadays being shared via an online collaboration tool.”
About BlueFort Security
BlueFort Security was founded in 2007 by Dave Henderson and Ian Jennings at a time when the market was awash with generalist IT providers. With an exploding cybersecurity market, the BlueFort Team spotted a gap in the market. They founded a cybersecurity specialist that offers a select portfolio of technologies, together with highly flexible easy to access award winning technical expertise and support. https://www.bluefort.com. Follow us on Twitter: https://twitter.com/BlueFortSec
Book your place at BlueFort.Live, an event for and about UK CISOs, on 15th October at 3.30pm. The event will be hosted by internationally renowned cybersecurity expert, Graham Cluley.