Remote workers follow risky security behavior

Ranjith Kaippada, Managing Director at Cloud Box Technologies.
Ranjith Kaippada, Managing Director at Cloud Box Technologies.
by
3 years ago

Global and regional threat actors continue to exploit human engineering in order to penetrate an organisation’s cyber defense. Real life impersonation through frequent emails, HTML emailers, embedded links, can trick users into believing that the communication is real and authentic.

Well written messages leverage spontaneous human actions getting users into clicking through calls for action. The tendency of users to follow through calls for action, even if they are on bordering on the edge of plausibility, have got further accentuated in these post pandemic months.

Work at home has isolated remote working teams, with insufficient peers around to seek advice. With teams fragmented, threat actors have further chosen to attack individual workers, through impersonation and other click baits, allowing threat actors to penetrate enterprise defenses.

54% are worried remote workers will bring infected devices and malware into the office

With increasing vaccination rates, organisations are keen to bring back remote workers and integrate them as hybrid workers or regular office workers. But there are concerns on both sides, that is from security administrators and returning employees.

Recent research by security vendor Tessian indicates that security heads are aware of challenges related to the impact on business once employees come back to the office.

56% of IT leadership believe employees have adopted incorrect cybersecurity behavior while working from home. 54% are worried remote workers will bring infected devices and malware into the office. 1 in 3 employees think they can get away with riskier security behavior when working remotely and 40% employees plan to bring their personal device into the office.

While the device issue is easy to fix, changing remote employee behavior from risky to less risky, requires continuous education and awareness campaigns.

56% of IT leadership believe employees have adopted incorrect cybersecurity behavior while working from home

When we use the term insider threat, the usual connotation is a malicious employee working against the organisation. But lack of security awareness coupled with accidental errors by employees on a day-to-day basis, are a much higher occurrence, adding to inside threats. According to research by Egress, 84% of breaches were caused by human error and 74% were caused by employees breaking security protocols.

Email remains the most concerning conduit for 64% of IT leaders. Nearly one-third of IT leaders cite lack of security awareness training as the likely cause of a data breach. Having employees receive continuous updates on the latest phishing scams, social engineering tactics, helps to keep them in a state of vigilance that protects the organisation from email-based threats.

1 in 3 employees think they can get away with riskier security behavior when working remotely

Research from Trend Micro and Osterman Research indicate where organisations are strongest and weakest at stopping phishing attacks resulting in ransomware. One part of the problem is how well organisations can stop attacks that leverage employee communications.

Amongst the most effective ways for organisations to protect against phishing threats is training end users on detecting and addressing phishing and social engineering.

Research has shown that at any point of time, approximately 38% of employees within an organisation, will generally fail a phishing test and, therefore, the real thing. Some organisations approach security and phishing awareness training as a routine once a month or once a quarter.

But the right approach is continual education of users, keeping them constantly updated on latest social engineering tactics, and the importance of their role in the organisation’s security.

40% employees plan to bring their personal device into the office

On-going events like the Tokyo Olympics are a classic example of how and when phishing attacks will increase, leveraging employee at work interest. This is also the time to increase employee awareness campaigns to a daily basis, showcasing examples of phishing attacks leveraging the theme of Tokyo Olympics.

Another phishing approach followed by threat actors is to leverage the recall of familiar brands, luring users into believing a communication is genuine. According to the latest data from security vendor CheckPoint, Microsoft is the predominant brand used in phishing attacks. DHL, Amazon, Best Buy, Google, are other brands that are most frequently used in impersonation and phishing emails.

An employee facing campaign that circulates samples of these impersonating templates will help to increase the awareness of how threat actors are targeting employees in their day-to-day work. Using a specialised security training partner to identify where and how to begin with employees can help to reduce the lead time and build robust security awareness and security work practices.


Remote workers are following risky behavior at home and coupled with increased phishing threats, continuous awareness programs are essential.

Don't Miss

Ranjith Kaippada, Managing Director, Cloud Box Technologies.

Industry’s Top Performers: Enabling the cloud to drive business transformation

Cloud Box Technologies or CBT is a systems integrator with a unique
Ranjith Kaippada, Managing Director, Cloud Box Technologies

Dell Titanium partner, Cloud Box presenting smart digital transformation solutions at GITEX 2022

Cloud Box Technologies is set to showcase its range of solutions at