Workers Are Taking Cybersecurity Shortcuts, Despite Knowing Dangers

New research from ThycoticCentrify reveals workers' attitudes to cybersecurity and risks they take to get the job done
New research from 2019 'ASTORS' Award Winner Thycotic reveals workers' attitudes to cybersecurity and risks they take to get the job done

According to new research by ThycoticCentrify, a Platinum Award Winner in the 2019, 2018 and 2016 ‘ASTORS’ Homeland Security Awards Programs, workers are engaging in risky behaviors which could put their company’s digital security at risk, despite knowing the dangers, a global survey of more than 8,000 employees has revealed.

ThycoticCentrify, a leading provider of cloud identity security solutions formed by the merger of privileged access management (PAM) leaders Thycotic and Centrify, commissioned independent market research specialist Sapio Research to poll workers from around the world to discover if they are following good cybersecurity practices.

The results are disturbing, particularly when considered in the wider context of remote or hybrid working, finding that 79 percent of respondents have engaged in at least one risky activity over the past year.

More than a third (35 percent) have saved passwords in their browser in the last year, a similar number (32 percent) have used one password to access multiple sites, and around one in four (23 percent) have connected a personal device to the corporate network.

Despite almost all respondents (98 percent)* having an awareness that individual actions such as clicking on links from unknown sources or sharing credentials with colleagues is a risk, only 16 percent of respondents feel their organization is at a very high risk of a cybersecurity attack.

Joseph Carson Thycotic
Joseph Carson, Chief Security Scientist and Advisory CISO at ThycoticCentrify

“People working in the cybersecurity sector know how their colleagues should behave when it comes to keeping their devices safe and protecting the wider company,” explains Joseph Carson, Chief Security Scientist and Advisory CISO at ThycoticCentrify.

“But are these messages getting through?”

“We’d urge employers to redouble efforts to encourage the best possible digital security practices in staff and remind them of the risks of failing to secure networks.”

“A ransomware attack or major breach has major consequences which can last for years, so every organization needs to establish security processes and work to ensure they resonate with employees.”

Just 44 percent of respondents received cybersecurity training in the past year, meaning that more than half of the employees surveyed were left to cope alone with the fearsome threat landscape created by home working.

Smaller organizations were the least likely to have given their staff cybersecurity training over the past year.

(Stressed about managing access to your company’s most sensitive data? Then this video was created for you. Courtesy of ThycoticCentrify and YouTube.)

“Remote or hybrid working also poses a particular challenge to security, so organizations should be sure to embed good practices in their staff no matter where they are working from,” Carson continued.

Staff are more likely to rate the cyber risk to their organization as high (55 percent compared to 43 percent) if they have been trained, indicating they have a better understanding of the risks.

Despite knowing that clicking on links from unknown sources presents a risk to an organization, only 16 percent of respondents feel their business is at very high risk of cybersecurity attacks, an assumption contradicted by the 79 percent of respondents who saw an increase in the number of fraudulent and phishing messages in the last year.

U.S. Key Findings Include:

  • 86 percent of respondents in the United States acknowledged that the companies they work for face small to very high cyber risk, however nearly half of all respondents (48 percent) admitted that they have not received any cybersecurity training from their employers in the last year.

ThycoticCentrify
Courtesy of ThycoticCentrify
  • Despite insufficient rates in employee cybersecurity training and a high sentiment surrounding workplace cyber risk, more than a quarter (26 percent) of all US respondents still feel there is fairly low to very low risk associated with allowing family members to use company devices.

  • More than a third (39 percent) of US employees admitted they feel that it’s acceptable to access work systems via public Wi-Fi in order to get work completed.

  • Only 14 percent of US employees cited “role-based access controls” as a priority network security measure implemented by their organization.

Additional Key Findings from the Report Include:

SMBs at higher risk

  • People working in SMBs are least likely to have received cybersecurity training in the past year.

  • Just under half (47 percent) of those who work at companies with more than 5,000 employees underwent training in the last 12 months compared to 20 percent of employees at companies with less than 10 staff and 32 percent at organizations with between 11 to 50 employees.

  • Those at smaller companies perceive their risk to be lower, with just 37 percent of employees at organizations with 1-10 employees saying there is a high risk, compared with 50 percent at organizations with more than 100 employees.

  • Smaller companies were also least likely to have implemented protection such as multi factor authentication (MFA) or Virtual Private Networks (VPNs) compared to larger organizations.

 Personal Responsibility for Security

  • The survey revealed an overarching sense of responsibility among employees, with 86 percent agreeing that they have a personal responsibility to ensure they do not expose their organization to cyberthreats and 51 percent saying they still think IT departments should have sole responsibility to protect companies.

To Download the complete Cyber Security Team’s Guide: Balancing Risk, Security and Productivity report, go to https://thycotic.com/resources/global-cyber-security-research-results-2021/.

(Learn More and download Thycotic’s free, customizable Incident Response Plan Template here. Courtesy of ThycoticCentrify and YouTube.)

* 98 percent based on global respondents that responded ‘high risk’ or ‘very high risk’ to Q5.  

ThycoticCentrify is a leading cloud identity security vendor, enabling digital transformation at scale.

The company’s industry-leading privileged access management (PAM) solutions reduce risk, complexity, and cost while securing organizations’ data, devices, and code across cloud, on-premises, and hybrid environments.

thycoticThycoticCentrify is trusted by over 14,000 leading organizations around the globe including over half of the Fortune 100, and customers include the world’s largest financial institutions, intelligence agencies, and critical infrastructure companies.

Thycotic Took Platinum in Third Consecutive ‘ASTORS’ Awards Program

American Security Today’s ‘ASTORS’ Homeland Security Awards program is today in its Sixth Year and continues to recognize the Outstanding Innovations of top firms and agencies in the Homeland Security and Public Safety fields.

The Annual ‘ASTORS’ Awards is the preeminent U.S. Homeland Security Awards Program highlighting the most cutting-edge and forward-thinking security solutions coming onto the market today, to ensure our readers have the information they need to stay ahead of the competition, and keep our Nation safe – one facility, street, and city at a time.

Transportation Security Administration (TSA) Administer, David Pekoske
David Pekoske, Transportation Security Administration (TSA) Administer

American Security Today is pleased to announce TSA Administrator  David Pekoske, will join the organization as a featured speaker at the 2021 ‘ASTORS’ Homeland Security Awards Presentation Luncheon, on November 18, 2021 at ISC East in New York City.

“On the heels of an unprecedented global pandemic, continued unrest in our cities and potentially catastrophic cyberattacks on our nations critical infrastructure, the focus of the 2021 ‘ASTORS’ Awards Luncheon will be on the latest, state-of-the-art innovations that are driving investments in new public security and safety technologies and systems,” said AST Editorial and Managing Director Tammy Waitt.

“As a recognized expert in crisis management, strategic planning, innovation and aviation, surface transportation and maritime security, David Pekoske’s message highlighting his top priorities and challenges for the TSA based on his years of wide-ranging experience will be critical to our attendees internalizing the critical nature of these escalating challenges, and realizing innovative new approaches to meet them.”

Thycotic

  • Best IT Privileged Mgmt Solution

  • Secret Server 10.7

  • Secret Server 10.7 is an industry-leading Cloud privileged access controls, combined with the latest in threat management and full redundancy delivered by Microsoft Azure Cloud Services.

  • Thycotic was also a recognized in both the 2018 and 2016 ‘ASTORS’ Homeland Security Awards Programs.

The 2021 ‘ASTORS’ Awards Program is proudly sponsored by AMAROK, along with Returning Premier Sponsors ATI SystemsAttivo NetworksAutomatic Systems, and Reed Exhibitions.

Nominations are currently being accepted for the 2021 ‘ASTORS’ Homeland Security Awards at https://americansecuritytoday.com/ast-awards/.

Comprehensive List of Categories Include:

Access Control/ Identification Personal/Protective Equipment Law Enforcement Counter Terrorism
Perimeter Barrier/ Deterrent System Interagency Interdiction Operation Cloud Computing/Storage Solution
Facial/IRIS Recognition Body Worn Video Product Cyber Security
Video Surveillance/VMS Mobile Technology Anti-Malware
Audio Analytics Disaster Preparedness ID Management
Thermal/Infrared Camera Mass Notification System Fire & Safety
Metal/Weapon Detection Rescue Operations Critical Infrastructure
License Plate Recognition Detection Products And Many Others!
COVID Innovations And Many Others!

 

Don’t see a Direct Hit for your Product, Agency or Organization?

The World Health Organization (WHO) declared the 2019–20 coronavirus outbreak a Public Health Emergency of International Concern (PHEIC) on 30 January 2020 and a pandemic on 11 March 2020. Local transmission of the disease has occurred across all fifty states in the America.

With the unprecedented occurrence of the COVID-19 pandemic, the focus of the safety and security industries has realized the need to increase innovations to address the daily growing challenges.

As such AST aims to make sure these firms and professionals are reflected in the 2021 ‘ASTORS’ Awards Program, so we’d like to encourage you to submit appropriate categories recommendations and include COVID-19 Frontline Professionals in your Nominations to see that these Professionals, Facilities, and Vendors receive the Recognition they Deserve!

Submit your category recommendation for consideration to Michael Madsen, AST Publisher at: mmadsen@americansecuritytoday.com.

Register for the 2021 ‘ASTORS’ Luncheon Today

2019 'ASTORS' Awards Program Banquet Luncheon
2019 ‘ASTORS’ Awards Program Banquet Luncheon

At ISC East 2021 you with the opportunity to interact with a broad array of security industry professionals.

ISC East works closely with other businesses in the security and public safety space to help bring together the Northeast’s largest security trade show each year.

In collaboration with premier sponsor SIA (Security Industry Association) and in partnership with ASIS NYC, ISC East is proud to work with and be supported by various associations, trade publications, charities, and more.

Therefore, the ISC audience of security dealers, installers, integrators, consultants, corporate, government and law enforcement/first responder practitioners will be joined by the ASIS NYC audience of major corporate managerial-through-director-level national and global security executives.

The combination of one-on-one conversations with the industry’s top innovators,  integrators and security executives, special events, high-quality education and training, and strong support from industry associations, will allow attendees to learn and evaluate solutions from leading security exhibitors and brands. 

The 2019 ‘ASTORS’ Awards Program surpassed expectations with a record number of nominations received from industry leaders and government agencies, and drew over 200 attendees to the ‘ASTORS’ Awards Presentation Banquet – an exclusive gourmet luncheon and networking opportunity which filled to capacity, before having to turn away late registrants.

Your ‘ASTORS’ Awards Luncheon registration includes complimentary attendee access to ISC East – Thank take advantage of this exclusive luncheon opportunity to take a break from the show – Invite your team, guests, clients and show visitors to a lovely and affordable plated meal event in the heart of New York City, for  a fabulous networking opportunity!

Go to https://americansecuritytoday.com/product/awards-luncheon/ to secure your seat or reserve a table.

***Limited space available so Register Today. There will be no on-site registrations.

Why American Security Today?

The traditional security marketplace has long been covered by a host of publications putting forward the old school basics to what is Today – a fast changing security landscape.

The traditional security marketplace has long been covered by a host of publications putting forward the old school basics to what is Today – a fast changing security landscape.

American Security Today is uniquely focused on the broader Homeland Security & Public Safety marketplace with over 75,000 readers at the Federal, State and local levels of government as well as firms allied to government.

American Security Today brings forward a fresh compelling look and read with our customized digital publications that hold readers eyes throughout the story with cutting edge editorial that provides solutions to their challenges.

Harness the Power of the Web – with our 100% Mobile Friendly Publications

AST puts forward the Largest and Most Qualified Circulation in Government with Over 75,000 readers on the Federal, State and Local levels.
AST puts forward the Largest and Most Qualified Circulation in Government with Over 75,000 readers on the Federal, State and Local levels.

The AST Digital Publications is distributed to over 75,000 qualified government and homeland security professionals in federal, state and local levels.

‘PROTECTING OUR NATION, ONE CITY AT A TIME’

AST Reaches both Private & Public Experts, essential to meeting these new challenges.

Today’s new generation of public safety and security experts need real-time knowledge to deal with domestic and international terrorism, lone wolf attacks, unprecedented urban violence, shifts in society, culture and media bias – making it increasingly difficult for Homeland Security, Law Enforcement, First Responders, Military and Private Security Professionals to implement coordinated security measures to ensure national security and improve public safety.

American Security Today

These experts are from Government at the federal, state and local level as well as from private firms allied to government.

AST provides a full plate of topics in our AST Monthly Magazine Editions, AST Website and AST Daily News Alerts, covering 23 Vital Sectors such as Access Control, Perimeter Protection, Video Surveillance/Analytics, Airport Security, Border Security, CBRNE Detection, Border Security, Ports, Cybersecurity, Networking Security, Encryption, Law Enforcement, First Responders, Campus Security, Security Services, Corporate Facilities, and Emergency Response among others.

AST has Expanded readership into integral Critical Infrastructure audiences such as Protection of Nuclear Facilities, Water Plants & Dams, Bridges & Tunnels, and other potential targets of terrorism.

Other areas of concern include Transportation Hubs, Public Assemblies, Government Facilities, Sporting & Concert Stadiums, our Nation’s Schools & Universities, and Commercial Business Destinations – all enticing targets due to the large number of persons and resources clustered together.

To learn more about the 2020 ‘ASTORS’ Homeland Security Award Winners solutions, Check Out the New 2020 ‘ASTORS’ CHAMPIONS Edition Fully Interactive Magazine – the Best Products of 2020 ‘A Year in Review’.

The Annual CHAMPIONS edition includes a review of the ‘ASTORS’ Award Winning products and programs, highlighting key details on many of the winning firms products and services, includes video interviews and more.

It is your Go-To source throughout the year for ‘The Best of 2020 Products and Services‘ endorsed by American Security Today, and can satisfy your agency’s and organization’s most pressing Homeland Security and Public Safety needs.

From Physical Security (Access Control, Critical Infrastructure, Perimeter Protection and Video Surveillance Cameras and Video Management Systems), to IT Security (Cybersecurity, Encryption, Data Storage, Anti-Malware and Networking Security – Just to name a few), the 2020 ‘ASTORS’ CHAMPIONS EDITION has what you need to Detect, Delay, Respond to, and Mitigate today’s real-time threats in our constantly evolving security landscape.

It also includes featured guest editorial pieces from some of the security industry’s most respected leaders, and recognized firms in the 2020 ‘ASTORS’ Awards Program.

  • For a complete list of 2020 ‘ASTORS’ Award Winners, click here.

For more information on All Things American Security Today, and the 2021 ‘ASTORS’ Awards Program, please contact Michael Madsen, AST Publisher at mmadsen@americansecuritytoday.com.

AST strives to meet a 3 STAR trustworthiness rating, based on the following criteria:

  • Provides named sources
  • Reported by more than one notable outlet
  • Includes supporting video, direct statements, or photos

Subscribe to the AST Daily News Alert Here.