Latest News

1 in 3 organizations does not provide any cybersecurity training to remote workers

Written on Jan 20, 2023

New research has found that 33% of companies are not providing any cybersecurity awareness training to users who work remotely. 

The study by Hornetsecurity also revealed nearly three-quarters (74%) of remote staff have access to critical data, which is creating more risk for companies in the new hybrid working world. 

Despite the current lack of training and employees feeling ill-equipped, almost half (44%) of respondents said their organization plans to increase the percentage of employees that work remotely. 

The independent survey, which quizzed 925 IT professionals from a range of business types and sizes globally, highlighted the security management challenges and employee cybersecurity risk when working remotely. 

The research revealed two core problems causing risk: employees having access to critical data, and not enough training being provided on how to manage cybersecurity or how to reduce the risk of a cyber-attack or breach. 

While companies have adapted to new ways of working, cybersecurity risks linked to remote working remain un-tackled. Nearly a fifth of IT professionals (18%) say workers are not secure when working remotely, but almost three-quarters of employees (74%) have access to critical data. Perhaps unsurprisingly, 14% of respondents said their organization suffered a cybersecurity incident related to remote working. 

The study also highlighted a lack of understanding, confidence and knowledge around cybersecurity from employees when working remotely. Nearly half (43%) of IT professionals rate their confidence in their remote security measures as 'moderate' or worse, with the survey also finding that 'uncontrolled file sharing' was a common source of cybersecurity incidents (16%). 

Having strong systems in place to protect employees is essential. The study found that the main sources of cybersecurity incidents were compromised endpoints (28%) and compromised credentials (28%). In addition, 15% said that employees use their own devices with some endpoint configuration for remote work. It's clear that having both security awareness training and investment in endpoint management systems are vital to have robust remote cybersecurity for organizations.