Risky Business: Three employee behaviors that expose businesses to cyberthreats
An estimated 75 million U.S. employees shifted to work-from-home (WFH) at the onset of COVID-19, creating the largest employment shift –– as well as one of the most disruptive periods –– that businesses have ever faced. This was especially true for security teams, which had to transition almost overnight from a centralized model to a vastly distributed environment, including a surge of unsecured endpoints, VPN bottlenecks and new vulnerabilities that malicious actors can exploit.
One of those vulnerabilities? Employees. While spearphishing attacks have become increasingly common, they spiked in the first quarter of 2020, playing on fears around the pandemic to get employees to click malicious links or open attachments. But it’s not just the actions of malicious actors putting organizations in harm’s way. Studies have found that employees themselves are engaging in risky online behavior while they’re working from home, often on devices that can access organizational resources. Here are three employee behaviors that undermine security efforts and put valuable corporate data at risk: