Survey: 94 percent of corporate IT teams are confident of their ability to secure their remote workforce, despite poor cyber hygiene by employees

Summary

An April survey commissioned by CyberArk of 3,000 remote office workers and IT professionals in the United States, UK, France and Germany found that 77 percent of remote employees are using unmanaged, insecure devices to access corporate systems, and 29 percent are letting other household members use their corporate devices for personal activities such as gaming, shopping and schoolwork. 40 percent of IT teams have not increased security protocols despite the massive transition to remote work, but despite this 94 percent of these IT teams are confident that they can secure their new remote workforce.

Report

Analysis

This is the latest in a long line of surveys showing that corporate IT teams are too sanguine about the huge increase in challenges they face from the new remote working environment. The disconnect between the clear increase in unsafe cyber hygiene by employees — using unmanaged, insecure personal devices to access corporate networks, and allowing family members to use corporate devices for personal reasons — and the confidence of IT teams that they can keep networks secure should concern C-suites, boards, investors and regulators. The disconnect also helps explain why according to Mandiant Security Validation 53 percent of attacks infiltrate corporate networks unnoticed.

Remote work and remote consumption (forcing companies to digitize faster to meet consumers where they are) has massively increased the digitization of companies across industries. This is partly why the message ‘two years of digital transformation has occurred in two months’ has become common in corporate updates. Add to this the increase in hacker activity that has accompanied this increase in corporate attack surfaces over the past few months, and the response by 40 percent of IT teams in this survey that they have not increased security protocols also looks problematic. This combination of lax security awareness and overconfidence that security protocols do not need to be tightened highlights that increased staff training on cyber risks and adherence to policies and processes intended to manage them is needed. This is the front lines of good cyber governance, and it is deficient across many companies that underperform.

Management would be wise to refocus staff and resources on the cyber threat alongside the continued operational and commercial adaption to a digital-first world.

Close

Instantly download research in our library and be the first to get access to new content

Denis Bolshakov

Log out

We use cookies to make our website more user-friendly and effective

The Cyberhedge Indices Cookie Policy

What are the Cyberhedge Cyber Governance Indices?

These first ever benchmarks prove good cyber governance matters to shareholder value. They measure stock market performance of companies with good and with bad cyber governance scores. Scores are based on Cyberhedge’s proprietary cyber governance rating methodology. Market performance is tracked by an independent firm. The results show that companies with good cyber governance outperform their peers in US, UK, and EU markets.

Information that we collect

Here you can see and customize the information that we collect about you. To learn more, please read our privacy policy

Continue on website