>
Many companies don’t train their remote workers in cybersecurity awareness, new research finds, despite these workers having access to sensitive company data.
A Hornetsecurity report of nearly 1,000 IT professionals working in businesses of all sizes around the world found that a third (33%) do not provide any form of cybersecurity awareness training to their remote workforce.
At the same time, three-quarters (74%) of these telecommuters have access to critical data, potentially putting their employers at high risk for costly, brand-destroying cyber incidents.
Basic rescue training
The report also suggests that IT teams are aware of the position they are in, as nearly half (43%) of IT professionals rate their confidence in their external security measures as “moderate” at best. Some (16%) believe that “uncontrolled file sharing” was a common cause of cyber incidents.
The risks could only get worse as the report found that nearly half (44%) of companies plan to increase the percentage of their telecommuting workforce in the future.
To address the problem, Hornetsecurity says, companies need to do the obvious: increase education and training, especially basic training, which could “significantly” improve an organization’s cybersecurity posture.
In addition, companies should have “strong systems” to protect their employees. Compromised endpoints (opens in new tab) (28%) and compromised credentials (28%) were the top sources of cybersecurity incidents, it said. In addition, 15% said employees use their own devices to work, albeit with “some endpoint configuration”.
“Traditional methods of controlling and securing company data are not as effective when employees work in remote locations and more responsibility falls on the individual. Businesses need to recognize the unique risks of remote working and activate relevant security management systems, empowering employees to deal with a certain level of risk,” said Daniel Hofmann, CEO of Hornetsecurity.
“Increasing cybersecurity measures for remote work is particularly important in the current climate, as cybercriminals are getting smarter and using remote work to their advantage. We have seen an increase in smartphone attacks as hackers understand that both personal and professional data are likely to be accessed, just as people can and often do work on personal devices.”