Research carried out by cloud security experts, Menlo Security, has revealed increased cyber security risks posed to employees and organisations during the festive season. The new research – which surveyed 2,000 employed people in the United States and the United Kingdom – found that while employees are concerned about threats and are taking some measures to mitigate them, they often have false confidence in their security posture.
There are now more threats to corporate devices and networks than ever as hybrid work models blur the boundaries between work and home.
More than half of respondents (53% UK; 56% US) reported performing non-work-related tasks – such as online shopping – on company devices. Furthermore, the survey found that 63% of people in the UK (65% US) are doing more online Christmas shopping in 2021 compared to previous years, and nearly half of respondents (45% UK; 48% US), reported shopping for gifts this festive season on a work-issued device such as a laptop or mobile phone.
Workers are also noticing a rise in cyber threats this festive season, with 48% of respondents in the UK (58% US) observing an increase in scams and fraudulent messages, exemplifying that threats are rampant worldwide. This is worrying many people, as the vast majority of respondents report being somewhat too concerned about their personal data being stolen while online shopping.
However, despite workers’ recognition and concern of cyber threats, 65% of people still believe they’re secure from cyberthreats if they’re using a company device. “Workers are becoming increasingly aware of the threats that loom while browsing the web, however they have a false sense of security about the level of protection they have when using corporate devices. As a result, they are unintentionally exposing their corporate networks to a slew of vulnerabilities,” said Mark Guntrip, Senior Director, Cybersecurity Strategy at Menlo Security.
“More employees are using company-issued devices for not only work, but also personal tasks like shopping and banking, which is putting entire networks at risk of being breached. To mitigate this risky behavior, organisations must make it a priority to adopt a Zero Trust security approach to prevent cyberattacks before they happen and ensure that they’re protected if they do fall victim to bad actors.