Remote workforces, insecure devices, a lack of multi-factor authentication, and a lack of user education all add up to a security nightmare for the average organization today.
We’d like to think that the move to work from home wouldn’t have that much impact on your organization’s security stance. But new data from Ponemon’s Cybersecurity in the Remote Work Era report has come out offering a glimpse into just how impactful shifting to a remote workforce has been on your ability to protect the organization from cyberattack.
According to Ponemon, before COVID, 71% of organizations felt they were either “highly” or “very higly” effective. Now while working in the middle of COVID, only 44% rank themselves as effective.
The report goes on to spell out some of the reasons for this massive decrease in cybersecurity effectiveness – and it all points to the remote worker.
According to the report:
- 71% of orgs believe remote workers put the organization at risk of data breach
- 67% of orgs say personal mobile devices are used to access business applications
- 65% of orgs are not requiring the use of multi-factor authentication
- 57% of orgs say remote workers are prime targets for attackers wishing to exploit vulnerabilities
These numbers don’t paint a pretty picture for the future of organizations. And, from the data, it appears like cyberattacks are continuing and are being successful:
- 51% of orgs have experienced malware evading their intrusion detection systems and 49% evading their anti-virus
- 60% of orgs have experienced a cyberattack
- 56% have experienced credential theft
- 48% have experienced phishing attacks
With 57% of organizations not providing a Security Awareness program to “inform and
educate remote workers about the risks created by remote working”, it’s evident that one major part of the problem here is the remote worker themselves. Putting remote workers through Security Awareness Training helps educate them on how they pose a risk to the organization, how they can improve their security stance, and how to avoid becoming a victim of the growing threat of attacks on remote workers.