Most Remote Workers Have Received No Security Training for a Year
Two-thirds of remote workers in the UK haven’t received cybersecurity training over the past year, raising fears that they may be more susceptible to attacks as hackers adapt their tactics during the current crisis.
Norwegian app security firm Promon polled 2000 remote workers to better assess where organizations may be exposed during the pandemic. It wasn't able to provide Infosecurity with a breakdown of the size or type of organization.
It found that, as well as the majority not having received training over the previous year, 77% said they aren’t worried about security while working from home. Over-confidence can often lead to users making mistakes which land them in trouble.
What’s more, over three-fifths (61%) said they were using personal rather than corporate-issued devices to work remotely, increasing the chances that they aren’t properly protected, configured or aligned with corporate security policies.
“It’s concerning to find that such a large number of workers don’t have the necessary training to spot a potential cyber-threat, such as a phishing email or spoofed website, as these are the main ways in which cyber-criminals are executing their attacks,” argued Promon CTO and co-founder Tom Lysemose Hansen.
“Organizations must ensure that staff who are working remotely are doing so in secure environments, whether that’s on personal or corporate devices, and it’s critical that they provide the necessary training and tools to ensure corporate data is protected.”
Reports have been flooding in from multiple vendors of a sharp increase in COVID-19-themed phishing emails. Google claimed it blocks 18 million malicious and phishing emails every day for its users.
Such threats can be used to deliver ransomware, BEC, credential-harvesting phishing, VPN malware and more.
Cyber-criminals are looking to capitalize on the widespread appetite for more information about the pandemic, as well as urgent communications between bosses, partners and employees, to trick users into clicking through.
With the entire family forced to stay indoors, home workers may also be more distracted than they would normally be.
Gloss