Tel : 919 251 6280

NEWS RELEASE

12 January, 2023

1 in 3 organizations does not provide any cybersecurity training to remote workers despite a majority of employees having access to critical data

• Hornetsecurity survey reveals nearly one-fifth of IT pros say workers are not secure when working remotely
• Almost three-quarters of remote staff have access to critical data
• Nearly half of respondents say their organisation plans to increase the percentage of employees that work remotely in 2023

Hannover, Germany, 12 January, 2023: New research from leading cybersecurity provider Hornetsecurity has found that 33% of companies are not providing any cybersecurity awareness training to users who work remotely.

The study also revealed nearly three-quarters (74%) of remote staff have access to critical data, which is creating more risk for companies in the new hybrid working world.

Despite the current lack of training and employees feeling ill-equipped, almost half (44%) of respondents said their organisation plans to increase the percentage of employees that work remotely.

Daniel Hofmann, CEO of Hornetsecurity, said: "The popularity of hybrid work, and the associated risks, means that companies must prioritise training and education to make remote working safe."

"Traditional methods of controlling and securing company data aren't as effective when employees are working in remote locations and greater responsibility falls on the individual. Companies must acknowledge the unique risks associated with remote work and activate relevant security management systems, as well as empower employees to deal with a certain level of risk."

Challenges and risks

The independent survey, which quizzed 925 IT professionals from a range of business types and sizes globally, highlighted the security management challenges and employee cybersecurity risk when working remotely.

The research revealed two core problems causing risk: employees having access to critical data, and not enough training being provided on how to manage cybersecurity or how to reduce the risk of a cyber-attack or breach.

Hofmann commented: "Increasing remote working cybersecurity measures is particularly important in the current climate, as cybercriminals are becoming smarter and using remote working to their advantage. We've seen an increase in smartphone attacks as hackers understand that both personal and professional data can likely be accessed as people can, and often do, carry out work on personal devices."

Remote working security issues

While companies have adapted to new ways of working, cybersecurity risks linked to remote working, remain untackled. Nearly a fifth of IT professionals (18%) say workers are not secure when working remotely, but almost three-quarters of employees (74%) have access to critical data. Perhaps unsurprisingly, 14% of respondents said their organization suffered a cybersecurity incident related to remote working.

Remote working is not only known by professionals to bring unique issues, but people are experiencing the consequences of inadequate protection measures and insufficient remote management.

Lack of knowledge amplifies risk

The study also highlighted a lack of understanding, confidence and knowledge around cybersecurity from employees when working remotely. Nearly half (43%) of IT professionals rate their confidence in their remote security measures as 'moderate' or worse, with the survey also finding that 'uncontrolled file sharing' was a common source of cybersecurity incidents (16%).

Organisations can reduce risks associated with cybersecurity by increasing education and training. Basic training could improve matters significantly: Hornetsecurity's Security Awareness Training, for example, helps firms to strengthen their human firewall.

Use of endpoint management

Having strong systems in place to protect employees is essential. The study found that the main sources of cybersecurity incidents were compromised endpoints (28%) and compromised credentials (28%). In addition, 15% said that employees use their own devices with some endpoint configuration for remote work. It's clear that having both security awareness training and investment in endpoint management systems are vital to have robust remote cybersecurity for organizations.

Hofmann concluded: "To tackle the knowledge gap, training such as our end user Cyber Security Awareness Training helps ensure attackers are less likely to carry out a successful breach when trying to exploit employees. This and endpoint management, are the two basic steps in reducing remote working risks."

About Hornetsecurity

Hornetsecurity is a leading global email cloud security and backup provider, which secures companies and organisations of all sizes across the world. Its award-winning product portfolio covers all important areas of email security, including spam and virus filtering, protection against phishing and ransomware, legally compliant archiving and encryption — as well as email, endpoint and virtual machine backup, replication, and recovery. Its flagship product is the most extensive cloud security solution for Microsoft 365 on the market. With more than 400 employees in 12 regional offices, Hornetsecurity is headquartered in Hanover, Germany and operates through its international network of 8,000+ channel partners and MSPs and its 11 redundant, secured data centres. Its premium services are used by 50,000+ customers including Swisscom, Telefónica, KONICA MINOLTA, LVM Versicherung, and CLAAS.

Media enquiries

Please contact us on [email protected].