Half of organizations experience remote work security incidents
Between March and July 2020, almost half of companies experienced a data breach or security incident according to a new report, and half of these were caused by phishing attacks.
The study from Tessian also reveals that 82 percent of IT leaders think their company is at greater risk of phishing attacks when employees are working away from the office.
This view is backed up by the finding that 65 percent of US and UK employees say they received a phishing email during the remote working period that was enforced by the global COVID-19 pandemic.
As far as the long term effect of remote working goes, 85 percent of IT leaders believe permanent remote work will put more pressure on their teams, while over a third (34 percent) are worried about their workers becoming stretched too far in terms of time and resource.
Tim Sadler, CEO and co-founder of Tessian says:
People don't want to give up the level of flexibility they have experienced this year, and businesses must transform in order to meet their staff's expectations. While it is great for employees, a hybrid way of working actually offers the worst of both worlds for IT teams who have to simultaneously manage and mitigate security risks that occur both in and out of the office, while providing a seamless experience that enables employees to work-from-anywhere.
With limited resourcing and budget, this isn't going to be easy. But failure to do so could threaten companies’ security posture and see businesses losing out on talent. Education on the threats people could be exposed to and the threats they pose to company security is an important first step. Businesses also need to invest in solutions that alleviate the pressure on IT teams, providing them with greater visibility into employee behaviors, automating manual tasks and alerting employees to threats to prevent them from causing security incidents before they happen.
The study also highlights that 57 percent of employees were more reliant on email as a channel to stay connected with colleagues while working remotely, creating a bigger opportunity for hackers to carry out phishing and impersonation attacks.
But while external threats like phishing are a major problem, 78 percent of IT leaders also believe their organization is at greater risk of insider threats, such as employees bringing infected devices or documents into the office or sharing sensitive information with personal accounts, should their company adopt a permanent hybrid working structure. In fact, over a quarter (27 percent) reported higher rates of security breaches caused by insider threats between March and July 2020.