Employee education singled out as the biggest cybersecurity weakness during lockdown

Apricorn announced new findings from a Twitter poll exploring the data security and business preparedness for remote working during the pandemic. More than 30% of respondents singled out employee education as being the biggest area companies needed to make changes to improve cybersecurity.

The poll was issued over six days and targeted employees in both the U.S. and UK. In addition to concerns about employee education, respondents also flagged updates to hardware (29%), endpoint control (21%) and enforcing encryption (19%) as areas of weakness, where organizations need to make changes to improve cybersecurity. Given that almost 30 percent of respondents admitted to using unencrypted devices during the pandemic, this raises many concerns particularly at a time when we are seeing a dramatic increase in the volume of data being downloaded, and a potential for more data on the move.

“Employees have a critical role to play in their organization’s cyber security processes, from recognizing the tools required, through to the policies in place to protect sensitive data. Whether it be through the delivery of awareness programs or ongoing training, establishing a culture of security within the workforce is essential,” said Kurt Markley, Director of Sales at Apricorn. “Endpoint security is critical, and deploying removable storage devices with built-in hardware encryption, for example, will ensure all data can be stored or moved around safely offline. Even if the device is lost or stolen, the information will be unintelligible to anyone not authorized to access it.”

In addition, more than 40% of respondents admitted that, as an individual, they were not fully prepared to work at home securely and productively. Almost a fifth (18%) said they lacked the right technology to do so, 16% were not sure how to, and just over 20% said they were still not able to work remotely.

“Many businesses will now have witnessed the positive productivity and financial impact of a remote workforce, but without the right tools, processes and security in place, this can very easily backfire,” Markley continued.

With the poll results showing that more than 60% of respondents are planning to work remotely, all, or some of the time following the pandemic, the threat to corporate data is only going to mount. Almost 20% admitted that the experience of working from home highlighted major gaps in their employer’s cybersecurity strategy/policies.

When questioned as to whether their company had experienced a data breach as a result of remote working during the pandemic, over 20% said yes, but a further 22% said they didn’t know if they had suffered a breach.

According to Jon Fielding, Managing Director, EMEA at Apricorn, “IT and security teams had to scramble to respond to this crisis and in doing so, left a lot of companies wide open to breach. Nine months into employees working remotely, some know already that they have been attacked. Others think they may have been but can’t be sure. In the same way that we had to learn how to protect ourselves from illness and modify our behaviors, we had to also learn how to protect our data outside of the firewall and more important, to remain vigilant about it.”

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.