Mimecast Research  139  0 Kommentare Half of Workers Admit to Opening Emails They Considered Suspicious

‘Check the Box’ Awareness Training has Little Impact on an Organization’s Security Posture

LEXINGTON, Mass., Oct. 27, 2020 (GLOBE NEWSWIRE) -- Mimecast Limited (NASDAQ: MIME), a leading email security and cyber resilience company, today released new research which highlights the risky behavior of employees using company-issued devices. More than 1,000 respondents in countries throughout the globe were asked about their use of work devices for personal activities and how aware they are of today’s cyber risks. The results highlighted the need for better awareness training, as people are clicking on links or opening suspicious emails despite having been trained.

Earlier this year, an urgent request for IT teams across the globe was to ensure the efficient issuance of laptops and other computing devices to employees, as much of the workforce started working remote due to the novel coronavirus pandemic (COVID-19). A key priority for IT professionals was to then ensure their IT and security policies were ready for the rush to remote work.

The Blurring of Personal and Professional Life

Mimecast’s research found that 73% of respondents extensively use their company-issued device for personal matters, with nearly two-thirds (60%) admitting to an increase in frequency since starting to work remote. The most common activities were checking personal email (47%), carrying out financial transactions (38%) and online shopping (35%). According to the State of Email Security 2020 report, personal email and browsing the web/shopping online were already two areas of major concern for IT professionals. Seventy-three percent said there was a risk to checking personal email as the cause of a serious security mistake, and 69% thought surfing the web or online shopping could likely cause an incident.

Awareness Training Doesn’t Always Mean Correct Behavior

Encouragingly, 96% of respondents claim to be aware that links in email, on social media sites and on websites can potentially infect their devices. Sixty-four percent have even received special cybersecurity awareness training related to working from home during the pandemic. However, this doesn’t always translate into putting this knowledge into practice. Nearly half (45%) of survey respondents admitted to opening emails that they considered to be suspicious. The same percentage admitted to not reporting suspicious emails to their IT or security teams. The research also highlights themes of a strong disconnect in certain countries. The US and UAE both had the majority of respondents (78% and 81% respectively) stating that they’ve had special awareness training this year, yet 60% (USA) and 61% (UAE) still opened emails they considered to be suspicious.