IBM Security Work from Home survey of more than 2,000 newly remote work employees in the US reveals unpreparedness for remote work, and also provides a picture of companies slow to implement new training in response to this increased threat environment. Key findings include:
- 80 percent of respondents either rarely or never worked from home prior to COVID‑19
- More than half of the US population is working from home now
- 52 percent are using their personal laptops for work, and 61 percent say their employer has not provided tools to properly secure these devices
- 45 percent have not received any new cybersecurity training for this new environment
These results are in line with other surveys which reveal that despite the remote work environment, exposing companies to a dramatic increase in their cyber threat surface, many are still struggling to adapt to a new environment which is likely to last into 2021.
While the imposition of remote work happened quite suddenly, it has now been three months since it occurred. That is sufficient time for companies to take action to address many of the new remote work challenges, such as use of less secure personal devices to access work IT networks, or at least to ensure that these devices are as secure as they can be. But the fact that most of the remote work population is still using personal devices, that 61 percent have not been given tools to secure these devices, and that 45 percent have not received new cybersecurity training are all reasons corporate networks are at heightened risk today.
One difference between companies with strong cyber governance and those with weak cyber governance is related to how they educate, train and prepare their staff in good cyber hygiene as part of robust security policies and processes. How companies respond to COVID‑19 disruptions is another case of separating the ‘good’ from the ‘bad’ in cyber governance. As the Cyberhedge Cyber Governance Indices demonstrate, highly rated companies continue to outperform through the crisis. No company predicted or specifically prepared for the pandemic, but those highly rated in cyber governance were better prepared to make the digital shift catalyzed by COVID‑19. And a key part of this preparation was ensuring staff had the tools and knowledge necessary to adhere strong company cybersecurity protocols.