Since the transition to remote working, many employees have started disregarding cybersecurity best practices.
This is according to a new report from email security software firm Tessian, based on a poll of 4,000 workers in the US and UK, as well as 200 IT professionals. The company found that more than a third (36 percent) have picked up bad cybersecurity behaviors and discovered new security workarounds in the last year.
Many workers have changed their behavior since shifting into a homeworking environment, mostly because they believe they can get away with it. Roughly half feel they aren’t being watched by IT, which gives them a misguided feeling of freedom. What’s more, a quarter of employees compromised their company’s security somehow, but never told anyone about it, as they feared disciplinary action or additional security training.
Most IT leaders (70 percent) believe employees will behave more responsibly once they come back to the office. Some, however, worry employees will bring infected devices back with them.
Phishing emails also pose an ever-present threat. Since mid-May, the number of suspicious emails related to hybrid working has been 39 percent higher than the volume of office-related scams, flagged as a threat since the start of 2021.
“The shift to an all-remote workforce was one huge challenge for IT leaders, but the next transition to a hybrid work model is poised to be even more challenging – particularly when it comes to employees’ behaviors,” said Tim Sadler, CEO at Tessian.
“Employees are the gatekeepers to data and systems, but expecting them to be security experts and scaring them into compliance won’t work. IT leaders need to prioritize building a security culture that empowers people to work securely and productively, and understand how to encourage long-lasting behavioral change over time if they’re going to thrive in this new way of working.”