A survey has found a majority of IT security professionals believe remote workers face bigger security risks due to being isolated from their companies’ security teams.
According to Help Net Security, the survey was conducted in July this year and included around 800 technical staff and executives from companies across the US and the UK. The companies ranged in size from 250 employees to more than 5,000 across the sectors of healthcare, government, information services, legal and finance.
The survey found that almost 80% of security professionals believed remote workers are more at risk from phishing attacks now due to being cut off from the security teams of their businesses.
In contrast, however, more than 59% of respondents said solutions such as video training (27%), email reminders (20%) and VPNs (12%) were good enough solutions by themselves to keep their organisations safe from brand and brand reputation damage and legal jeopardy.
On the topic of threat literacy among remote workers, the survey discovered that 81% of IT leaders felt their employees had a good idea that 90% of more ransomware attacks came through email phishing. Only 18% felt their employees didn’t understand the threats posed by email phishing attacks.
The poll found that over the past year, another main step taken by IT leaders to deal with the growing dangers around remote working – alongside video training courses, email reminders and VPNs – was one-on-one training with new employees, with 13% engaging in it overall.
When quizzed on whether these countermeasures were enough to protect remote employees from phishing, up to 79% agreed with this stance, while only 15% disagreed. When employees were asked if they understand different phishing attacks like business email compromise or domain spoofing – close to 50% of respondents said they understood this ‘very well’, while 39% said ‘quite well’ and 10% said ‘not quite well’.
Meanwhile, only 52% of survey respondents said they felt their organisation understood the areas of the business that were most vulnerable to attacks. An overwhelming majority – 76% – said they were likely to pay a ransom if their entire system was locked down through malware.
When the survey respondents were asked to rate in the order of importance why they thought remote employees were more vulnerable to targeted phishing attacks, they said being more removed from the organisation’s security team as most important, followed by a distracting work environment, working from multiple or personal devices, pressure to appear more productive, with phishing attacks have become more sophisticated rated at the bottom.
Copyright © 2021 RegTech Analyst
Copyright © 2018 RegTech Analyst