Business
Focused
Technology

A Lack of Employee Cyber Hygiene is the Next Big Threat

A new report suggests that everything from endpoints, to passwords, to training, to security policies, to a lack of awareness is all contributing to much higher risk of cyberattack.

Employee cyber risk is a multifaceted issue that revolves a lot around cyber hygiene, according to new data in Mobile Mentor’s inaugural Endpoint Ecosystem Report.

It involves a number of issues that organizations are going to need to address effectively and quickly.

A few issues I really want to highlight here include passwords, device use, and a lack of proper training. Despite most phishing attacks focusing on credentials, employees still have terrible password hygiene:

But the device is secure, right? Wrong.

Only 43% of organizations have BYOD securely enabled, with just one-third of employees able to securely access corporate systems, data, and apps from personal devices. With 64% of employees using a personal device for work, this is a massive risk.

So, these companies are making up for it by properly training their employees about cyberattacks, vigilance, good hygiene, etc., right? Again, wrong.

According to the report only 25% of in-office workers receive security training monthly. Remote employees have it a bit better (with 43% receiving training), but it’s evident by just the poor password hygiene that organizational leadership isn’t taking this seriously and aren’t looking to elevate the individual employee’s mindset around the need to be secure while working – and the employee’s role in helping to maintain that state of security.

Those organizations focused on continual Security Awareness Training demonstrate a commitment to seeing every aspect of the employee’s interaction with corporate resources, applications, and data on the one hand (with email and the web on the other) be as secure as possible – starting with the employee’s own awareness being elevated to a state of vigilance to ensure better cyber hygiene and a more secure organization.


Source: KnowBe4

Partner, Law Firm

We hired IT360 as our computer hardware and software computer consultants when the company first went into business. Since then, they have helped us purchase new software and hardware equipment that we have instituted into the law firm. Any time we needed them to be there they have been. They have solved all of our problems including: stand alone computers, networking issues, Internet access issues, and software. I would highly recommend IT360 to anybody who needs help in these areas.

Partner, Law Firm

Recent
Technology News

IT 360 News
Multi-Factor Authentication

By Cybersecurity & Infrastructure Security Agency OVERVIEW Multi-factor authentication (MFA) is a layered approach to securing physical and logical access where a system requires a user to present a combination of two or more different authenticators to verify a user’s identity for login. MFA increases security because even if one authenticator becomes compromised, unauthorized users […]

Read more
IT 360 News
Hyper-Personalized Phishing Attacks on the Rise

Phishing attacks are flooding in like never before and becoming more sophisticated. In 2023, there was a 47.2% increase in phishing attacks compared to the previous years. The attacks are also spreading beyond emails to text messages, phone calls, and other forms of personal communication. AI TOOLS The rise in attacks is attributed to the […]

Read more