Nearly 1 in 4 Companies Facing More Cyber Risks During Pandemic

Nearly 1 in 4 Companies Facing More Cyber Risks During Pandemic

Transition to remote working has created new vulnerabilities
A laptop with a dark background

As workers across the country have been adapting to a remote workforce, it appears hackers have been doing so, too.

Nearly a quarter of information technology workers — 24% — said their organization’s cybersecurity risk has grown during the pandemic, according to a survey by Netwrix, an Irvine, Calif.-based information security company.

While increased hacker activity and human error are both partly to blame, some companies have stepped up their cybersecurity practices as a result.

Remote working fueling the increase

Even before the pandemic, cybercrime was a problem. In fact, a 2019 survey by ValuePenguin found that 43% of Americans have been the victim of a cybercrime.

Of the companies that believe they have become more at-risk since the pandemic started, 63% said they have noticed an increase in the frequency of cyberattacks targeting their organizations. On top of that, 60% said the transition to remote working has created new security risks as employees share information while working from home.

Some fault lies with employees, as 58% of companies said that employees ignored cybersecurity policies and guidelines designed to keep companies safe. Indeed, many workers have found themselves enjoying new freedoms without the oversight of managers and other colleagues in the workplace.

However, fault also lies with company leadership. More than 8 in 10 chief information security officers — 85% — admitted that they had to sacrifice the cybersecurity of their companies when navigating the quick transition to remote work.

Cyber threats come in various forms

When asked what types of incidents have compromised cybersecurity since the move to remote working, the most commonly cited threat was phishing, a cybercrime in which a criminal secures personal or sensitive information from someone by sending a deceptive email posing as a legitimate entity. Among respondents, 48% said they had experienced phishing incidents in their organizations.

That was followed by:

  • Admin mistakes (27%)
  • Improper sharing of data by employees (26%)

Notably, a quarter of respondents said their companies had experienced malware attacks, in which malicious software is deployed to inflict harm on the victim, such as by stealing sensitive information.

Some employers are also concerned about employees exploiting the cybersecurity risks that have been exacerbated by remote working. More than 1 in 10 — 14% — of organizations report that they have experienced data theft by employees. However, a much larger percentage of respondents — 66% — said they are anxious about the possibility.

In response to the growing cybersecurity threats, some companies are stepping up their game. Larger companies are most likely to do so, with 47% of companies surveyed with 1,001 or more employees report taking moves to increase their cybersecurity, though 43% of companies with 101-1,000 employees and 28% of companies with 1-100 employees report doing so as well.

Methodology: Netwrix surveyed 937 information technology professionals across the world in June 2020 to get their assessments of how cybersecurity risk has changed due to the shift to remote work during the pandemic.