Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementPhysicalSecurity NewswireCybersecurity News

Increasing Cybersecurity Gaps and Vulnerabilities due to Remote Work During COVID-19

Virus Detected
June 10, 2020

Fifty-six (56) percent of employees are using their personal computers as their company’s go remote in response to COVID-19 according to the Work-from-Home (WFH) Employee Cybersecurity Threat Index released by Morphisec. In addition, nearly 25% of employees working from home don’t know what security protocols are in place on their device and more than 1-in-4 have frequent or more issues with spotty WiFi limiting antivirus efficacy.

Morphisec's WFH Employee Cybersecurity Threat Index was based on a survey of more than 800 traditional office workers from across the U.S. These employees self-reported as recently transitioning to working remotely during their company’s response to the COVID-19 pandemic. Although the trend toward remote work was already in progress when COVID-19 struck, it accelerated the transition far faster than anyone anticipated. Due to this, IT and security teams had to scramble in their response to the crisis, and the inaugural threat index spotlights the resulting cybersecurity gaps and vulnerabilities reported by employees.

The American workforce is now reliant on at-home WiFi networks and non-hardened work devices, says the report, and without reliable connectivity, employees may not be getting the protection they need. Antivirus and detection tools need a constant network connection to remain effective at blocking attacks. Non-hardened laptops or other endpoint devices can also pose a significant risk to enterprise network security. Research from earlier this year by Morphisec and Ponemon Institute found the average cost of a successful endpoint attack was $8.9 million in 2019.

Furthermore, attack surfaces have expanded during the crisis through employee reliance on collaboration apps. These tools are increasingly in the crosshairs of malicious parties and have less than adequate patching protocols. In fact, vulnerabilities have forced organizations such as Google, SpaceX, and NASA to actually ban employee use of such applications to reduce their risk of more sophisticated breaches. Morphisec Labs researchers discovered one such flaw in the Zoom application in April that enabled threat actors to record Zoom sessions without the participants’ knowledge.

Although 62% of WFH employees rate their IT department’s response to COVID-19 as above average or better, a third of employees rate the response as average or below. The task now for IT teams is to enhance distributed workforce cybersecurity as work-from-home continues into the future. Many enterprises have seen productivity gains during remote work, and several FORTUNE 500 companies have already announced more permanent WFH adoption. Therefore, just as information technology leaders are reassessing what tools are the best for remote productivity, they must re-examine which aspects of their cybersecurity stacks enhance remote business continuity.

Additional highlights from Morphisec’s Work-from-Home Employee Cybersecurity Threat Index include:

  • Remote working was an entirely new experience for 49% of employees.
  • 75% of WFH employees say they usually or almost always follow their IT team's advice when it comes to cybersecurity protocols.
  • The most common tip employees received from IT in transitioning to WFH was being wary of suspicious emails, attachments, or pop-ups (56%). This was followed by ensuring antivirus software was active (48%), and updating software frequently (46%).
  • Worryingly, 20% of workers said their IT team had not provided any tips as they shifted to working from home.
  • Business chat apps such as Slack and Microsoft Teams were rated by WFH employees as their second most essential tool in working remotely. Yet, workers acknowledged they were the least cautious in using these types of services.

“The COVID-19 crisis has accelerated the long-term shift towards remote workforces by 5-10 years,” said Andrew Homer, VP of Security Strategy at Morphisec. “As tomorrow’s workers seamlessly alternate between work and household tasks on their personal devices, new types of deterministic cybersecurity defenses are required by security teams to limit the need for human intervention. Growing reliance on collaboration applications, which can’t be patched fast enough, begs for the use of defense mechanisms such as moving target defense to thwart in-memory exploits, zero-day attacks, and evasive malware that will continue targeting distributed employees.”

Download the full Morphisec Work-from-Home Employee Cybersecurity Threat Index here.

KEYWORDS: COVID-19 cyber security information security remote work risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cyber Tactics Column
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Technologies & Solutions
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Home office/remote worker

    Network visibility and security gaps due to remote work challenge IT

    See More
  • remote work

    74% of Finance Leaders Intend to Shift Some Employees to Remote Work Permanently Post-COVID-19

    See More
  • Return to Work

    G4S Announces Expansion of Return to Work Assurance Program to Help Organizations Meet Compliance Requirements During COVID-19 Reopenings

    See More

Related Products

See More Products
  • databasehacker

    The Database Hacker's Handboo

See More Products

Events

View AllSubmit An Event
  • March 6, 2025

    Why Mobile Device Response is Key to Managing Data Risk

    ON DEMAND: Most organizations and their associating operations have the response and investigation of computers, cloud resources, and other endpoint technologies under lock and key. 
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing