Cybersecurity shortcomings exposed by the pandemic

SecureAge announced the release of its study which polled 200 employers and 400 employees from around the UK business world during Q3 2021, and examined key cybersecurity topics and trends.

According to the survey, forty eight percent of businesses have experienced a cyber breach during the COVID-19 pandemic and another 8% ‘were not sure’. In addition, 16% of employees said they had personally had to deal with a cybersecurity incident during the same period.

“COVID-19 created one of the most challenging periods ever for businesses, their staff and IT departments,” said Nigel Thorpe, technical director at SecureAge.

“A new wave of COVID-inspired cybersecurity threats put the most robust defences to the test and exposed failures in planning, training, tools and overall preparedness. The level of breaches and confusion among employees demonstrates how disorganised and fragmented the cybersecurity landscape has become.”

Employers failing to provide cybersecurity training for the remote workforce

While attacks were targeted specifically at the vast number of people forced to work from home, the survey shows that many employers did not provide the level of cybersecurity training to raise awareness of critical threats. Less than 50% of employers that responded said they provided formal training in detecting and handling suspicious emails, password security and protecting sensitive information when working remotely.

“Employers need to deliver more in-depth training or better still, remove the ‘weakest link’ by taking the human element out of cyber security altogether,” said Thorpe. “With a recent KPMG survey showing that 94% of workers said they were stressed last year, having one less thing to worry about has got to be a good thing.”

Shortcomings in cybersecurity are now being addressed

The survey also highlights a lack of trust in cybersecurity defences. Only around a third of employers and employees said that they are “very confident” that their cybersecurity infrastructure would protect them from a cyberattack. The pandemic has exposed shortcomings in cybersecurity that are now being addressed.

The survey shows that 66% of businesses are set to boost their investment in cybersecurity, with around 32% of these planning to increase budgets by up to 50%. Meanwhile, 86% of employers have already begun to adopt new security measures to cope with the remote workforce.

“While companies seem committed to improving their resilience, it’s important that they spend the money wisely,” said Thorpe. “There is an increasing acceptance that it is impossible to prevent every employee clicking on a malicious link or preventing a determined cybercriminal from gaining access to systems and networks.

“It’s time to move away from the ‘castle and moat’ approach and spending thousands on employee training to take back control with a simple data-centric strategy that focuses on protecting the data itself.”