According to the data, employees of all levels within the organization have been putting the business at risk:
54% of employees admitted that they use the same passwords across multiple work accounts
41% of business owners and 32% of C-level executives still remember passwords by writing them down
42% of users are using their work devices for personal use
44% of business owners and 39% of C-level executives said they perform personal tasks while on a work device at home
Only 55% are more vigilant about cybersecurity while working from home
And the most shocking…
60% of employees say that they aren’t responsible for cybersecurity and that IT should handle all defenses
It’s this last one that really gets me. Organizations must establish a culture of cybersecurity to some degree, engaging employees to participate in the org’s security stance. The largest (and easiest) role a user can play is by putting Security Awareness Training to practical use every day – that includes both improving cyber hygiene as well as being more cautious when interacting with email and the web. With the expectation that more phishing attacks are coming, it’s critical to put the user in place as a line of defense today. This will result in a far more secure user, environment and organization.