Lynx Software has announced the results of its pandemic cybersecurity survey designed to capture US employees’ sentiment toward how seriously companies have taken cybersecurity since the start of COVID-19.
Companies have not done enough to prevent heightened security risk in light of remote working, as nearly 4 in 10 (36%) respondents have been, or know someone who has been, impacted by a cybersecurity attack since the start of COVID-19.
Lynx’s survey findings of 1,000 working Americans indicates that a large majority of respondents (69%) are more concerned about cybersecurity risks during COVID-19 than they were before the pandemic – as perimeter-based security is no longer possible so device infrastructure becomes even more vulnerable.
Worryingly, less than half (49%) of respondents said their organisation’s cybersecurity has strengthened since the start of the pandemic. Employees are mostly concerned about how this could impact their data privacy as 54% of respondents indicated that the biggest cybersecurity concern they have is their personal data being compromised.
Employee IT behaviour is leaving many companies exposed to heightened cybersecurity risks during the pandemic. While working remotely:
- 76% of respondents use a personal device for work at least sometimes.
- 75% use cloud based services to store and edit their documents.
- 60% use a USB to move work files.
- 22% are not sure if they are able to switch off their work Virtual Private Network (VPN) and 22% know they aren’t able to.
- 65% indicated that their company allows them to use their work computer for accessing personal services .
Since they started working remotely, many respondents said their company has not doubled down sufficiently on strengthening security policies and measures:
- 60% say their company has not prohibited the use of certain apps and tools that do not meet high security standards.
- 58% say their company has not implemented antivirus software.
- 48% are not aware of their company implementing strict IT security policies.
“Organisations of all types need to prioritise finding ways to secure end-points for their employees’ devices, whether they are on laptops, edge servers or anything between, especially in the remote, zero-trust environment we are living in. For IT teams this doesn’t have to mean prohibitive costs or compromising performance,” said Arun Subbarao, Vice President of Engineering and Technology at Lynx Software. “At Lynx, we endorse increased security awareness for IT in order to combat risks that have come as a result of people’s increasingly virtual lifestyles since COVID-19.
Lynx’s survey illustrated that not all employees are aware of the additional cybersecurity risks they are exposed to since working remotely or what to do in a threatening situation. While 95% of respondents agreed that it is important that they feel like their work laptop is secure, three in ten were not aware that company devices used outside of the workplace are at greater risk for cyber threats. In addition, over half indicated that they would not be able to recognise if their work device had been hacked, and three in ten would not know what actions to take if they sense their device has been attacked.
The fight to protect organisations from risks in zero-trust environments and educate employees on cybersecurity policies and protocols is far from over. Once vaccinations have been more widely rolled out and office returns get underway, 70% of people surveyed still expect to be working from home for some period of the work week, making cybersecurity a priority for IT teams beyond the pandemic. Survey respondents shared their perspective on what steps companies can start with:
- 51% say that organisations can make them more aware of the actions they are taking against cybersecurity risks by sharing policies.
- 50% would like training sessions.
- 44% would appreciate weekly newsletter updates on cybersecurity efforts.
To help organisations keep their most critical systems safe in a simple way, Lynx Software securely partitions work and personal use applications from each other.
