Lockdown Security Apathy Could Be A Big Risk

More than half (57 percent) of UK IT decision makers still believe that remote workers will expose their organisation to the risk of a data breach and this figure has increased steadily from 44 percent in 2018 and 50 percent in 2019. These figures are from the current  IT Security Survey from Apricorn

Apathy over cyber security continues to be a major problem, with just over a third (34 percent) of IT leaders saying their remote workers simply don’t care about security, exactly the same percentage as last year, which suggests organisations are struggling to get employees to buy into the security strategy. 

The rise could reflect a corresponding increase in the number of people working remotely, or an enhanced awareness of the risks of doing so as the UK's workforce began to follow government guidelines to work from home. 

The 2020 research study was conducted by Censuswide. Respondents were 100 UK IT decision-makers (CIOs, heads of IT, IT directors and senior IT managers, etc) from enterprise organisations (with 1000-plus employees) within the financial services, IT, manufacturing, business and professional services sectors.

In 2019 almost half of respondents (47 percent) admitted that their remote workers had already knowingly put corporate data at risk of a breach in the last year; this has now dropped slightly to 44 percent. The Survey was commissioned by Apricorn and conducted between 25 and 27 March 2020.

Presenting the 2020 Survet results Apricorn's Managing Director, Jon Fielding  says: “This year, the need for organisations to facilitate effective and secure remote working has been cast into the spotlight to an extent no-one could have anticipated... Our survey shows that while progress has been made in some key areas since 2019, some of the same risks, such as employee apathy or error, remain a problem. In these currently challenging times, when UK workers are being urged to work from home, it’s all the more important that security is a priority for everyone.”

Organisations have increasingly recognised the importance of endpoint control as remote working has become more prevalent.

Nearly all (96 percent) mitigate the risks of BYOD (bring your own device) with a security strategy that covers employees’ use of their own IT equipment out of the office. Of those, 42 percent only allow the use of devices that have been provisioned or approved by IT, and enforce this with strict security measures. This is a significant rise on 2019, when just over 1 in 10 (11 percent) did so.  This change is crucial given that lost or misplaced devices is now the second biggest cause of a data breach, cited by almost a quarter of respondents (24 percent), up from 17 percent a year ago. 

Employees are unintentionally putting data at risk and this remains the leading cause (33 percent), with third parties mishandling corporate information cited as one of the main causes by 23 percent.

Despite this, the majority (87 percent) of UK IT decision makers agree that their organisations’ remote workers are aware of cybersecurity risks and practices, and follow required policies at all times. “Remote working is not a new concept, but with so many employees now having had a taste for home working, it might be hard for businesses to put that particular lid back on, so they need to figure out where their vulnerabilities lie now, and address them,” Fielding said.

When it comes to the challenges of implementing a cybersecurity plan for remote working, almost a fifth of IT decision makers (19 per cent) say managing all the technology employees need is the biggest problem, a drop from 30 percent in 2019, which suggests that organisations are getting a handle on the complexity involved in the technology aspect.

Fewer IT leaders believe that difficulties with GDPR compliance is the biggest problem with mobile working: 16 percent agreed, compared with 20 percent in 2019, suggesting that this aspect may have been less of a challenge than they originally anticipated.

Apricorn:         FSMatters:       Fudzilla:        ResponseSource:

You Might Also Read:

Every Single Employee Requires Cyber Security Training:

For advice and recommendations about cybersecurity training  please contact Cyber Security Intelligence.

 

 

 

 

 

« Quantum Computing Has Far Reaching Effects On Security
British Government Advice Threatens Your Cyber Security »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Sapphire

Sapphire

Sapphire deliver flexible and scalable cybersecurity solutions, helping organisations to detect, protect, respond and remediate against cyber threats.

CyberDefenses

CyberDefenses

CyberDefenses services combine best-in-class cybersecurity oversight, managed services and training to help our clients truly address their cybersecurity challenges.

Infoblox

Infoblox

Infoblox solutions help businesses automate complex network control functions to reduce costs, increase security and maximize uptime.

KLC Consulting

KLC Consulting

KLC Consulting offers information assurance / Security, IT Audit, and Information Technology products and services to government and Fortune 1000 companies.

NLnet Labs

NLnet Labs

NLnet Labs is a not-for-profit foundation with a long heritage in research and development, Internet architecture and governance, as well as security in the area of DNS and inter-domain routing.

MER Group

MER Group

MER Group is a world-leading integrator in the areas of communications and security. MER cyber solutions cover the entire range of cyber and intelligence related products and services.

SureVine

SureVine

Surevine builds secure, scalable collaboration solutions for the most security conscious organisations, enabling collaboration on their most sensitive information.

Sapien Cyber

Sapien Cyber

Sapien Cyber is an Australian company bringing leading-edge cyber security and threat intelligence solutions.

Kapalya

Kapalya

Kapalya empowers businesses and their employees to securely store sensitive files at-rest and in-transit across multiple platforms through a user-friendly desktop and mobile application.

National Cybersecurity Student Association (NCSA)

National Cybersecurity Student Association (NCSA)

The National Cybersecurity Student Association is a one-stop-shop to enhance the educational and professional development of cybersecurity students through activities, networking and collaboration.

MyCyberSecurity Clinic (MyCSC)

MyCyberSecurity Clinic (MyCSC)

MyCyberSecurity Clinic's main goal is toward establishing an international reference centre for excellence in the field of digital forensics and data recovery services.

ColorTokens

ColorTokens

ColorTokens Xtended ZeroTrust Platform protects from the inside out with unified visibility, micro-segmentation, zero-trust network access, cloud workload and endpoint protection.

TRU Staffing Partners

TRU Staffing Partners

TRU Staffing Partners is an award-winning contract staffing and executive search firm for cybersecurity, eDiscovery and privacy companies and professionals.

Soteria

Soteria

Soteria is a global leader in the development, integration and implementation of advanced cyber security, intelligence and IT solutions, delivering complete end-to-end solutions.

TXOne Networks

TXOne Networks

TXOne Networks offer cybersecurity solutions to protect your industrial control systems to ensure their reliability and safety from cyberattacks.

TPx Communications

TPx Communications

TPx is a leading managed services provider offering a full suite of managed IT, unified communications, network connectivity and security services.