Many firms aren't giving remote workers any security training

(Image credit: No credit)

Many companies do not provide their remote workers with any cybersecurity awareness training, new research has claimed, despite these workers having access to sensitive company data.

A report from Hornetsecurity polling almost 1,000 IT professionals working in businesses of all sizes across the globe found that a third (33%) do not provide any kind of cybersecurity awareness training to their remote staff.

At the same time, three-quarters (74%) of these remote workers have access to critical data, potentially putting their employers at major risk of expensive, brand-shattering cyber-incidents.

Basic training to the rescue

The report also suggests that IT teams are aware of the position they’re in, as almost half (43%) of IT pros rated their confidence in their remote security measures as “moderate” at best. Some (16%) believe that “uncontrolled file sharing” was a common cause of cyber incidents.

The risks could only be set to increase, as the report found almost half (44%) of firms are planning to increase the percentage of their remote working staff in the future.

To tackle the problem, Hornetsecurity says businesses need to do the obvious - increase education and training, particularly basic training, which could “significantly” improve an organization’s cybersecurity posture.

Furthermore, businesses should have “strong systems” set up, to protect their employees. Compromised endpoints (28%) and compromised credentials (28%) were the main sources of cybersecurity incidents, it said. Furthermore, 15% said employees use their own devices to work, albeit with “some endpoint configuration”.

> The biggest cyber-threats hitting firms working remotely during the Covid-19 crisis

> Beware the security threats from rolling out remote working

> Here are the best online collaboration suites right now

“Traditional methods of controlling and securing company data aren’t as effective when employees are working in remote locations and greater responsibility falls on the individual. Companies must acknowledge the unique risks associated with remote work and activate relevant security management systems, as well as empower employees to deal with a certain level of risk,” said Daniel Hofmann, CEO of Hornetsecurity.

“Increasing remote working cybersecurity measures is particularly important in the current climate, as cybercriminals are becoming smarter and using remote working to their advantage. We’ve seen an increase in smartphone attacks as hackers understand that both personal and professional data can likely be accessed as people can, and often do, carry out work on personal devices.”

Here are the best antivirus solutions right now

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.