New AT&T research shows 54 per cent of workers are regularly using their work device for personal purposes, including sharing work equipment with family members, thereby creating further risks for businesses. The survey, conducted by Opinium, questioned 3,000 workers in the UK and Germany who are now operating remotely because of new policies brought in to combat the global Coronavirus pandemic. More than a third of those questioned admitted to using work equipment to connect to smart home devices (35 per cent) such as voice assistants (14 per cent) smart speakers (14 per cent), fitness monitors (13 per cent), smart lighting (12 per cent) and smart kitchen appliances (12 per cent).
The data clearly shows workers understand the problem. Two thirds (66 per cent) said they are more aware of cybersecurity threats since shifting to home working. Nearly half believe they personally (49 per cent in the UK; 38 per cent in Germany) and their companies (52 per cent in the UK; 42 per cent in Germany) are at increased risk of cyberattacks. 55 per cent have been the target of a cybersecurity threat while working remotely over the past year, and nearly a third of those surveyed (29 per cent) said their company isn’t doing enough to protect them from cybersecurity threats.
Yet when it comes to taking responsibility, two in three remote workers (66 per cent) say that practicing good cybersecurity at work is challenging; citing a lack of adequate training or technical support (22 per cent), lack of prioritisation by senior management (18 per cent) and it taking too much time/being too much hassle (16 per cent). One in five employees (20 per cent) say there is no way they could be encouraged to care about cybersecurity risk.
The results correspond with a July 2020 AT&T survey of 800 EMEA cybersecurity experts, which found that 70 per cent of large businesses with more than 5,000 employees believed widespread remote working was making their companies more vulnerable to cyberattacks. That survey identified employees (31 per cent) as the biggest risk to implementing good cybersecurity practices. At that time, experts believed that one in three (35 per cent) employees were using devices for both work and personal uses but the new research suggests that number is much higher.
While many businesses did introduce new cybersecurity measures to mitigate risks since the onset of COVID-19, employees indicated that many employers have not taken basic steps to improve cybersecurity. One in three (32 per cent) say their company hasn’t implemented additional login protocols to protect from web-based threats and 50 per cent have not required any additional cybersecurity training since shifting to remote working.
“The lines between our professional and personal lives are blurring and that includes our online behaviours,” says John V. Slamecka, region president EMEA & LATAM, AT&T Business. “It’s clear that businesses can only protect their networks by mitigating for those behaviours. Cybercriminals are launching cyberattacks at the most vulnerable point – the remote worker. Businesses who initially compromised on cybersecurity to speed up the transition to homeworking are taking a tremendous risk. They must address cyber risks now to provide for business continuity and help protect their workforce and business for the future.”