Organizational Security Posture Effectiveness Declines by 38% Due to COVID

Security Post Decline 38% COVIDRemote workforces, insecure devices, a lack of multi-factor authentication, and a lack of user education all add up to a security nightmare for the average organization today.

We’d like to think that the move to work from home wouldn’t have that much impact on your organization’s security stance. But new data from Ponemon’s Cybersecurity in the Remote Work Era report has come out offering a glimpse into just how impactful shifting to a remote workforce has been on your ability to protect the organization from cyberattack.

According to Ponemon, before COVID, 71% of organizations felt they were either “highly” or “very higly” effective. Now while working in the middle of COVID, only 44% rank themselves as effective.

The report goes on to spell out some of the reasons for this massive decrease in cybersecurity effectiveness – and it all points to the remote worker.

According to the report:

  • 71% of orgs believe remote workers put the organization at risk of data breach
  • 67% of orgs say personal mobile devices are used to access business applications
  • 65% of orgs are not requiring the use of multi-factor authentication
  • 57% of orgs say remote workers are prime targets for attackers wishing to exploit vulnerabilities

These numbers don’t paint a pretty picture for the future of organizations. And, from the data, it appears like cyberattacks are continuing and are being successful:

  • 51% of orgs have experienced malware evading their intrusion detection systems and 49% evading their anti-virus
  • 60% of orgs have experienced a cyberattack
  • 56% have experienced credential theft
  • 48% have experienced phishing attacks

With 57% of organizations not providing a Security Awareness program to “inform and

educate remote workers about the risks created by remote working”, it’s evident that one major part of the problem here is the remote worker themselves. Putting remote workers through Security Awareness Training helps educate them on how they pose a risk to the organization, how they can improve their security stance, and how to avoid becoming a victim of the growing threat of attacks on remote workers.

12 Ways to Defeat Multi-Factor Authentication On-Demand Webinar

Webinars19Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist, explores 12 ways hackers use social engineering to trick your users into revealing sensitive data or enabling malicious code to run. Plus, he shares a hacking demo by KnowBe4's Chief Hacking Officer, Kevin Mitnick.

Watch the Webinar

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Topics: Phishing, MFA, COVID-19

Subscribe To Our Blog

Ransomware Hostage Rescue Manual

Get the latest about social engineering

Subscribe to CyberheistNews