A majority of UK businesses are failing to adequately train their remote working employees to spot security threats, according to new research from iomart.
The cloud services company based its Cyber Security Insights Report on the views of 1167 UK workers at C-level, director, manager and employee level.
It found that over a quarter (28%) of their employers offer no cybersecurity training for the distributed workforce, while a further 42% do but only to select employees.
Of those who were offered training, 82% claimed that it was a short briefing rather than something more comprehensive. Less than a fifth (17%) said they had regular training sessions.
That means, overall, just 8% of those surveyed receive regular security training.
This comes at a time when threats are on the rise. A fifth (20%) of those surveyed reported seeing an increase in cyber-attacks as a result of working remotely.
Cyber-criminals have been targeting remote workers with phishing emails often themed with COVID-19 lures, as well as vulnerabilities in VPN infrastructure and insecure RDP endpoints that can be easily brute-forced or their credentials bought off the dark web.
The number of RDP ports exposed to the internet grew from three million to 4.5 million in the period from January to March 2020, according to McAfee research released in May.
Bill Strain, security director at iomart, warned that organizations still aren’t placing security and data protection at the top of their priority list.
“They need to understand what the potential threats are and build resilience into their business strategy so they can react quickly and maintain operations if their IT systems are compromised,” he urged.
“Many businesses would not survive the operational — let alone financial — impact of a data breach. By understanding the potential risk and introducing positive behaviour around cyber awareness, they have a much better chance of surviving an incident.”
Remote workers are thought of as a potential cyber risk as many may be more distracted at home and likely to click through on phishing emails, whilst their devices may not be as well protected as corporate equivalents.
We're Datek Solutions
Since 1998 we have been managing IT support, solutions and strategy for a range of clients. We have won awards for our excellent customer service and pride ourselves on being transparent. What you see, is what you get.
What makes us different? We don’t use a one-size fit all approach. We get to know your business and everyone in it, what it needs and how we can support you to give the best solutions at the best possible prices.
Above all this, we are committed to keeping it simple for you. If there’s a solution that your company needs, or you already have and it’s essential we support it, we make sure we know everything there is to know about it.
Contact us on 01753 540000 or email us at contactus@datek.co.uk.
News Source: https://www.infosecurity-magazine.com/