Published: February 22, 2022 on our newsletter Security Fraud News & Alerts Newsletter.
The concept that a corporation’s cybersecurity practices see improvement when their employees are educated to follow better security measures at home, may start gaining in popularity. It’s a kind of “two-fer” when both parties involved have more secure online practices, something that benefits everyone but cybercriminals.
A post on Between the Lines says “To improve overall corporate security, enterprises should be actively educating and providing tools for employees to follow these same practices in their personal lives. When we attach the word corporate to security, we're letting employees off the hook. We're sending the message that at work you have to follow secure processes -- implying that at home they have no such requirement.”
That belief is backed-up by statistics showing credential theft as the most targeted type of data. The Verizon 2021 Data Breach Investigations Report finds stolen and abused credentials made up 61% of all data breaches last year. Also, the pandemic greatly increased phishing attacks which are the source for 36% of stolen credentials, up 9% over 2020. This type of attack opens the door for ransomware, data theft, and other potentially devastating attacks on enterprise.
Also supporting the need for employees practicing better security habits at home are remote-work statistics. MalwareBytes Labs found in 2020, remote working led to 20% of enterprises experiencing breaches. That number is likely higher now since the ongoing pandemic continues to increase the number of those working from home. The Egress’ Insider Data Breach Survey for 2021 finds 61% of employee respondents believe working from home makes them no more or even less likely a threat to employer data breaches. Now that’s something for employers to be concerned about.
Overall, improved cybersecurity is slow to grow, affected by complex tools and user experience. But when employers educate and encourage staff to practice options like using password managers, firewalls, and especially MFA (multi-factor authentication) at home, they’re likely to use them at work as well. MFA use is growing with enterprises, according to Yubico and 461 Research. More than 50% of enterprises say they provide MFA options, and more than 74% are increasing their MFA use.
The author of the Between the Lines post remarks “We are all creatures of habit…The costs for education and licensing that support employees at home is a small investment that will pay big dividends in increased security at work and provide a boon for protecting employee personal data.”
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at firstname.lastname@example.org