New research has found that many companies do not provide any cybersecurity awareness training to their remote employees, even though these employees have access to sensitive company data.
A Hornetsecurity report, which surveyed nearly 1,000 IT professionals working in companies of all sizes around the world, found that a third (33%) do not provide any cybersecurity awareness training to their remote workers.
At the same time, three-quarters (74%) of these remote workers have access to critical data, potentially putting their employers at serious risk of costly, brand-busting cyber incidents.
Basic rescue training
The report also suggests that IT teams are aware of their position, with nearly half (43%) of IT professionals rating their trust in their remote security measures as “moderate” at best. Some (16%) believe that “uncontrolled file sharing” was a common cause of cyber incidents.
The risk can only increase as the report found that nearly half (44%) of companies plan to increase the percentage of employees working remotely in the future.
Hornetsecurity says that to solve this problem, companies need to do the obvious – increase the level of education and training, especially basic ones, which can “significantly” improve the cybersecurity posture of organizations.
In addition, companies should have “strong systems” in place to protect their employees. Attacked endpoints (opens in a new tab) (28%) and compromised credentials (28%) were the top sources of cybersecurity incidents. Additionally, 15% said employees use their own devices to work, albeit with “some endpoint configuration.”
“Traditional methods of controlling and securing company data are not as effective when employees work in remote locations and more responsibility rests with individuals. Companies need to be aware of the unique risks associated with remote work and activate appropriate security management systems, as well as empower employees to deal with a certain level of risk,” said Daniel Hofmann, CEO of Hornetsecurity.
“Increasing remote working security measures is especially important in the current climate as cybercriminals become smarter and use remote working to their advantage. We’ve seen an increase in smartphone attacks as hackers have understood that both personal and work data can be accessed as people can and often do work on personal devices.”