Businesses call for improvement as employee education singled out as the biggest cybersecurity weakness during lockdown
29 October 2020
More than 30% of respondents singled out employee education as being the biggest area where companies needed to make changes to improve cybersecurity.
That's according to Apricorn, the manufacturer of software-free, 256-bit AES XTS hardware-encrypted USB drives, which announced new findings from a Twitter poll exploring the data security and business preparedness for remote working during the pandemic.
The poll was issued over sixdays and targeted employees in both the US and UK. In addition to concerns about employee education, respondents also flagged updates to hardware (29%), endpoint control (21%) and enforcing encryption (19%) as areas of weakness, where organisations need to make changes to improve cybersecurity. Given that almost 30 per cent of respondents admitted to using unencrypted devices during the pandemic, this raises many concerns particularly at a time when we are seeing a dramatic increase in the volume of data being downloaded, and a potential for more data on the move.
“Employees have a critical role to play in their organisation’s cyber security processes, from recognising the tools required, through to the policies in place to protect sensitive data. Whether it be through the delivery of awareness programs or ongoing training, establishing a culture of security within the workforce is essential," Kurt Markley, director of sales at Apricorn commented. "Endpoint security is critical, and deploying removable storage devices with built-in hardware encryption, for example, will ensure all data can be stored or moved around safely offline. Even if the device is lost or stolen, the information will be unintelligible to anyone not authorised to access it.”
In addition, more than 40% of respondents admitted that, as an individual, they were not fully prepared to work at home securely and productively. Almost a fifth (18%) said they lacked the right technology to do so, 16% were not sure how to, while just over 20% said they were still not able to work remotely.
“Many businesses will now have witnessed the positive productivity and financial impact of a remote workforce, but without the right tools, processes and security in place, this can very easily backfire” Markley continued.
With the poll results showing that more than 60% of respondents are planning to work remotely, all, or some of the time following the pandemic, the threat to corporate data is only going to mount. Almost 20% admitted that the experience of working from home highlighted major gaps in their employer’s cybersecurity strategy/policies.
When questioned as to whether their company had experienced a data breach as a result of remote working during the pandemic, over 20% said yes, but a further 22% said they didn’t know if they had suffered a breach.
“IT and security teams had to scramble to respond to this crisis and in doing so, left a lot of companies wide open to breach. Nine months into employees working remotely, some know already that they have been attacked," added Jon Fielding, managing director, EMEA at Apricorn. "Others think they may have been but can’t be sure. In the same way that we had to learn how to protect ourselves from illness and modify our behaviour, we had to also learn how to protect our data outside of the firewall and more important, to remain vigilant about it.”