Homeworkers wait for protection: 73% of employees have not received remote working cybersecurity guidance

Homeworkers wait for protection: 73% of employees have not received remote working cybersecurity guidance

According to a recent Kaspersky report, How COVID-19 changed the way people work, three-in-four (73%) employees working from home have not yet received any specific cybersecurity awareness guidance or training designed to keep themselves secure from risks. While it can be more difficult to control the security of corporate IT and data remotely, threats still remain. For example, one-in-four (27%) employees say they have received phishing emails related to COVID-19. To avoid such risks, it is important for organisations to educate staff about cybersecurity.

While employees take on the massive shift of working from home, it is important for businesses to ensure their staff can work as they usually would. Keeping employees protected becomes a challenging task, as it takes a lot of resources to enable secure access to services staff regularly need to carry out their jobs well. Establishing effective cybersecurity measures is therefore critical, as remote working may also bring new risks such as increased spam and phishing attacks, connecting to compromised WiFi spots, or the use of shadow IT by employees.

However, a survey of 6,000 workers around the world has shown that employers may not be explaining to their employees how to avoid becoming victims of these risks. At least 73% of respondents said they were not provided with cybersecurity awareness training when they started working remotely. Additionally, more than a quarter (27%) of surveyed employees have already received, for example, phishing emails on the topic of COVID-19. Accidental downloading of malicious content from such an email can lead to devices being infected and business data being compromised. Many employees have also increased the use of online services for work that were not approved by their IT departments, known as shadow IT, such as video conferencing (70%), instant messengers (60%) or file storage services (53%).

It is hard to keep things ‘business as usual’ when everything needs to change so dramatically. While employees are trying to get along with the new reality of working from home, IT and cybersecurity teams are under pressure to enable them to continue working safely. Cyber-incidents can only add difficulties to this challenge, so it is important to remain vigilant and make sure remote working is also secure working,” comments Andrey Dankevich, Senior Product Marketing Manager at Kaspersky.

Kunal Anand, Chief Technology Officer at Imperva, commented “…when it comes to building a security program, focusing only on technology and processes puts us in a weak and unbalanced position. Businesses will need four steps in place. First, start at the top and get leadership support, second, conduct awareness training to ensure employees know what needs protecting, third, test the security posture such as through internal phishing campaigns, and fourth, ensure transparency and continual communication. Only then will everyone, on a personal and business level, be able to mitigate the risks that these attacks can cause.”

Recommendations to help businesses enable secure remote working for their employees:

  • Ensure your employees know who to contact if they face an IT or security issue. Pay special attention to employees that have to work from personal devices – provide them with dedicated policy and security recommendations
  • Schedule basic security awareness training for your employees. This can be done online and should cover essential practices, such as account and password management, email security, endpoint security and web browsing. Kaspersky and Area9 Lyceum have prepared a free course to help staff work safely from home
  • Take key data protection measures to safeguard corporate data and devices, including switching on password protection, encrypting work devices and ensuring data is backed up
  • Ensure devices, software, applications and services are kept updated with the latest patches
  • Install proven protection software, such as Kaspersky Endpoint Security Cloud, on all endpoints, including mobile devices. It also helps ensure that only approved online services are used for work purposes, reducing the risks of shadow IT

To read the full Kaspersky report and learn more about how the pandemic has influenced the way people work, please visit this page.

Copyright Lyonsdown Limited 2021

Top Articles

RockYou2021 data leak: 8.4 billion passwords compromised

A report shows that 100GB of data which includes 8.4 billion passwords have been recently leaked on the internet, people are being encouraged to secure their accounts.

Hackers Breach Electronic Arts & Steal Game Code

Electronic Arts, one of the world's biggest video game publishers including games such as FIFA, Madden, Sims and Medal of Honor, are the latest company to be hacked.

JBS Foods paid £7.7m in ransom to REvil ransomware gang

JBS Foods, the world’s largest processor of beef and poultry products, has admitted to paying a ransom of $11 million to cyber criminals, a week after it announced that operations…

Related Articles

[s2Member-Login login_redirect=”https://www.teiss.co.uk” /]