There is no doubt about it: the world in which we work, live, and play is changing. Some of it is good, and some of it is bad. However, we can all agree that at the heart of this change lies the concept of awareness. (Or in some cases, the lack thereof.)
So how aware are your insiders about the risks involved with things like working remotely during holiday travel? More on that in a minute. (Or, skip to the survey results)
Why Cybersecurity Awareness Matters
At ObserveIT, we are focused on raising cybersecurity awareness and managing risk, particularly when it comes to potential insider threats. That’s why we’ve doubled down on sharing coachable moments, contributing to the user privacy discussion, and delivering a world class insider threat management platform.
We know that the insider threat problem isn’t a faceless, nameless issue. It directly involves the employees, vendors, and contractors who have access to valuable systems, files, and data each and every day. Who, what, why, and how insiders use this access is critical to our collective cybersecurity.
The reality is that everybody is a potential insider threat. That doesn’t automatically make us all monsters or villains. But the more aware we are of the risks associated with our digital actions, the more we can do to manage it.
Which is what led us to survey 1,000 U.S.-based employees, ages 18-65+ on their digital habits when it comes to holiday travel. How aware is the average employee of travel-related cybersecurity threats? Read on, to find out!
Survey Results: Holiday Travel Cybersecurity Risk
Number of employees anticipating the need to bring a work device with them for holiday season travel: 55.3%
Why this statistic matters: The moment that a workplace device is taken out of a more controlled environment, the risk of that device being stolen, damaged, or broken into increases. It essentially amplifies the potential that a malicious individual or group might be made aware of your privileged access to valuable systems, files, and data. (And yes, it is valuable!)
Number of employees who use free / unlocked WiFi using a work computer or phone while traveling: 77%
Why this statistic matters: The way that we access online services can have a dramatic effect on the security of the connection and items accessed, shared, or transferred from one point to another. If you are using an open, unencrypted WiFi network, chances are much greater that someone will obtain access to your system or data being sent and/or received.
Number of employees using free / unlocked WiFi for work email, accessing files, etc.: 63%
Why this statistic matters: It’s one thing to use public WiFi for your personal devices, but quite another for a workplace device. As an employee of an organization, you are a gatekeeper for that organization’s intellectual property. While it may seem harmless, using a workplace device in an insecure environment may make you liable for any damage or theft that may occur. It is always better to be safe, then sorry!
Number of employees using unsanctioned, non-work devices to access work email, files, etc.: 54%
Why this statistic matters: Non-work devices are generally less secure than ones deployed by a company. This is because in many situations, a company will have dedicated staff monitoring the need for system updates and scans. Unless the individual employee wants to take on the risk and responsibility associated with accessing company systems from their own device (not recommended), sticking to a work device is a safer bet.
Number of employees using secure VPN to access work email, files, etc. while working remotely: 55%
Why this statistic matters: While many open or public WiFi networks are insecure, simply connecting to them through a company-sponsored secure VPN can help safeguard the transmission of data, thanks to more powerful encryption capabilities.
Number of employees that leave their work devices unattended while traveling or working remotely: 21%
Why this statistic matters: Thankfully, this number is low, but leaving any device unattended in public while traveling or working is a big no no. The potential for theft, misuse, or illegitimate access is so high here. When it comes to leaving devices unattended…Just. Don’t. Do. It.
Number of employees acknowledging there are cybersecurity guidelines in place for using work devices while outside the office: 51.2%
Why this statistic matters: All things considered, having over half of the 1,000 survey respondents state that they know of cybersecurity guidelines in place is a good start. However, cybersecurity and insider threat training can always be better.
- Connectivity is valued more than security
- Organization-wide guidelines are unclear
- Holiday travel poses additional risk to organizational security
Like what you just read? Be sure to check out our 6 Insider Threat-Focused Cybersecurity Predictions for 2019 to know what our experts believe will happen in the coming year.