It only takes 30 days to build a bad habit and according to Tessian’s “Back to Work Security Behaviors”, 56% of IT administrators felt that since the pandemic, their employees have developed poor security habits while working remotely. The same report cited that younger employees are taking cybersecurity shortcuts, with 46% of all 25-34 year olds saying that they have actually used “security workarounds” in their day to day. In addition, 39% said they do not practice the same cybersecurity behaviors while working from home compared to while working in the office. However, IT leaders are still optimistic about the return to the office, since 70% of staff think that they will continue to follow their company’s security policies (but 57% are pretty sure that they will not change their new bad habits).
As expected, targeted phishing attacks are also on the horizon and expected to double during the transition back to the office. Tessian also found that 27% of employees admitted that they did not report cybersecurity mistakes they made while working remotely, since they were of the belief that “no one will ever know about it”. Workers also admitted that they did not report cybersecurity mistakes because they are afraid of being disciplined or forced to complete mandatory cybersecurity training (additionally, only half of employees said that they tell their IT manager when they click on a malicious email).
At the end of the day, training should never be enforced as a form of punishment. It should be used to encourage and empower your employees to engage in best practices so that they can protect themselves and your business. For more information about security best practices for your business, returning to the office, or cyber security protection, please contact [email protected] or book a meeting here: https://meetings.hubspot.com/lbarrett