British Organisations Are Unready For Remote Work

Uploaded on 2021-09-15 in TECHNOLOGY--Resilience, FREE TO VIEW

Every industry has been affected in some way since the emergence of Coronavirus. It has changed the way in which we all work and created new opportunities for cyber criminals to target remote workers. Working from home has become  a gateway for such criminals to carry out alternative forms of data theft. 

Now, research reveals that half of UK businesses lack the most basic cyber security skills, prompting urgent calls for employers to take action. 

The research has found that UK businesses are ill-equipped to deal with cyber attacks, despite 60 per cent experiencing one in the last 12 months. The majority of surveyed UK organisations are relying on employee education rather than wider strategy changes to meet the challenges of modern remote work scenarios. 

According to research by ManageEngine, 67 percent of organisations raised employee awareness around security threats and 66 percent provided training on cyber security. According to ManageEngine’s Digital Readiness Survey, which polled more than 300 IT professionals in the UK, employees don’t appear to be fully engaged with these best-practice initiatives and less than half (47 percent) of organisations have adapted their organisational security strategy.  

Another study, carried out by ThycoticCentrify, found that 79% of respondents have engaged in one least one risky activity over the past year. More than a third (35%) have saved passwords in their browser in the last year, a similar number (32%) have used one password to access multiple sites, and around one in four (23%) have connected a personal device to the corporate network.

Most organisations have neither introduced new solutions nor configured their existing architecture to reflect the changing ecosystem, despite the obvious dangers of dealing with a remote workforce. 

  • Only 42 percent monitor employee devices to ensure their security. 
  • 76 percent of IT purchases are being made without direct approval from IT teams, creating a disconnect between them and other departments and opening the organisation up to security vulnerabilities from unpatched software. 
  • 95 percent of companies are planning to continue supporting remote workers for at least the next two years, determining how to adapt and enforce security strategies is critical given the rise in security threats. 
  • 45 percent of organisations have experienced an increase in phishing, followed by increases in account hijacking (38%), social media-based attacks (36 percent) and endpoint network attacks (34 percent).

Key to tackling these emerging threats upfront is placing a renewed focus on the role of the IT leadership in the organisation, according to Chris Windley, Chairman and CEO of the Cyber Security Association. “The level in which IT is embedded within the wider organisation still varies depending on the business. This disconnect, in terms of level of authority and lack of sufficient operating budget, is leading IT professionals to become ‘yes/no people’ as opposed to informed consultants to other teams... There needs to be a more collaborative approach in terms of how the IT team works with the business as a whole, and how it enables access to the right tools and software to ensure cyber and data security, and integrity.”

DBXUK:     Contiuity Central:       Business Cloud:        ITPro:      People Management:  

You Might Also Read: 

Employee Cyber Security Training Is Vital To Reduce Attacks

 

« National Cybersecurity Failings: How Businesses Can Improve Their Security
Germany Accuses Russia Of Electoral Interference »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

UCD Centre for Cybersecurity and Cybercrime Investigation

UCD Centre for Cybersecurity and Cybercrime Investigation

UCD Centre for Cybersecurity and Cybercrime Investigation is Europe's leading centre for research & education in cybersecurity, cybercrime and digital forensics.

Okta

Okta

Okta is an enterprise-grade identity management service, built from the ground up in the cloud to address the challenges of a cloud-mobile-interconnected world.

F-Secure

F-Secure

F-Secure defends enterprises and consumers against everything from opportunistic ransomware infections to advanced cyber attacks.

Vaddy

Vaddy

Vaddy provide an automatic web vulnerability scanner for DevOps that performs robust security checks to ensure that web app code is secure.

Venable

Venable

Venable is an American Lawyer 100 law firm with nine offices across the USA, Practice areas include Cybersecurity.

Maverick Technologies

Maverick Technologies

Maverick is an industrial automation, enterprise integration and operational consulting company. Services include industrial cyber security.

CyberPoint

CyberPoint

CyberPoint delivers innovative, leading-edge cyber security products, solutions, and services to customers worldwide.

Dataglobal

Dataglobal

Dataglobal is an industry-leading provider of Information Archiving/Governance and Unified Data Classification solutions.

BA-CSIRT

BA-CSIRT

BA-CSIRT is a center which is dedicated to assist and raise awareness among citizens and the Government of the City of Buenos Aires in everything related to information security.

Tigera

Tigera

Tigera provides zero-trust network security and continuous compliance for Kubernetes platforms that enables enterprises to meet their security and compliance requirements.

Dual Layer IT Solutions

Dual Layer IT Solutions

Dual Layer offer a full range of IT Services and Solutions for businesses from IT infrastructure design to cloud/hosted solutions, cybersecurity, disaster recovery and IT training.

Pentera Security

Pentera Security

Pentera (formerly Pcysys) is focused on the inside threat. Our automated penetration-testing platform mimics the hacker's attack - automating the discovery of vulnerabilities.

CYBER.ORG

CYBER.ORG

CYBER.ORG's goal is to empower educators as they prepare the next generation to succeed in the cyber workforce of tomorrow.

Hubify

Hubify

Hubify is an experienced, service-driven technology company specialising in business connectivity across mobile, data, voice, cloud, & cyber security solutions.

Intelequia

Intelequia

Intelequia SOC is the Security Operations Center your company needs. 24x7 monitoring, protection and automated response to cyber threats.

Threat Con

Threat Con

Threat Con is a one of its kind event in Nepal, a series of annual international security conventions similar to the famous Black Hat and DEF CON conferences.