Business
Focused
Technology

A Lack of Employee Cyber Hygiene is the Next Big Threat

A new report suggests that everything from endpoints, to passwords, to training, to security policies, to a lack of awareness is all contributing to much higher risk of cyberattack.

Employee cyber risk is a multifaceted issue that revolves a lot around cyber hygiene, according to new data in Mobile Mentor’s inaugural Endpoint Ecosystem Report.

It involves a number of issues that organizations are going to need to address effectively and quickly.

A few issues I really want to highlight here include passwords, device use, and a lack of proper training. Despite most phishing attacks focusing on credentials, employees still have terrible password hygiene:

But the device is secure, right? Wrong.

Only 43% of organizations have BYOD securely enabled, with just one-third of employees able to securely access corporate systems, data, and apps from personal devices. With 64% of employees using a personal device for work, this is a massive risk.

So, these companies are making up for it by properly training their employees about cyberattacks, vigilance, good hygiene, etc., right? Again, wrong.

According to the report only 25% of in-office workers receive security training monthly. Remote employees have it a bit better (with 43% receiving training), but it’s evident by just the poor password hygiene that organizational leadership isn’t taking this seriously and aren’t looking to elevate the individual employee’s mindset around the need to be secure while working – and the employee’s role in helping to maintain that state of security.

Those organizations focused on continual Security Awareness Training demonstrate a commitment to seeing every aspect of the employee’s interaction with corporate resources, applications, and data on the one hand (with email and the web on the other) be as secure as possible – starting with the employee’s own awareness being elevated to a state of vigilance to ensure better cyber hygiene and a more secure organization.


Source: KnowBe4

Principal Owner, Law Firm

Our law firm uses IT360, Inc. for all of our technology needs. They not only provide outstanding service at a reasonable fee, but we consider them an integral part of our practice.

Principal Owner, Law Firm

Recent
Technology News

IT 360 News
Impersonation Phishing Attacks Increase as Credentials Take the Lead as the Primary Target

New data shows an upswell of email-based cyberattacks, with over 256 brands being impersonated, as social media, Microsoft, shipping, and ecommerce brands top the list. There’s been a lot of changes in the volume of email-based cyberattacks, according to security analysts at Abnormal Security. According to their H2 2022 Email Threat Report, the number of […]

Read more
IT 360 News
Crafty Microsoft USB Scam Shows the Importance of Security Awareness Training

Just when you thought scammers couldn’t get more tricky in their attacks, this example will prove you wrong. One of our KnowBe4 colleagues shared this LinkedIn post on a recent very crafty USB scam: As you can see, the Microsoft USB looks VERY similar to a USB you would receive from Microsoft in the mail as […]

Read more