Employees’ cybersecurity habits worsen, survey finds

Almost all young people recycle their passwords, often doing so across work and personal accounts.

The prevalence of cybersecurity incidents and the concomitant growing concerns about any organization’s cybersecurity posture haven’t done much to discourage many employees from engaging in poor security habits, a survey has found.

In some respects, employees’ cyber-hygiene is actually getting worse, according to the 2018 Market Pulse Surveyby identity governance provider SailPoint, which gathered opinions from 1,600 employees at organizations with at least 1,000 employees in Australia, France, Germany, Italy, Spain, the United Kingdom, and the United States.

Three in every four respondents admitted to reusing passwords across accounts. In the survey’s 2014 edition, the same was true for “only” 56% of the employees.

Source: SailPoint, 2018 Market Pulse Survey

The generation that has grown up with technology and might therefore be expected to know better fares even worse in this department: no fewer than 87% of people aged 18-25 duplicate their passwords, including nearly one-half who do so across personal and work accounts.

In addition, 31% of the respondents admitted to having deployed software without the authorization of their respective organization’s IT department in a practice dubbed “shadow IT” – an increase from 20% in 2014. Such willingness to skirt considerations of security, across all age groups, was largely attributed to workers’ efforts to boost their work efficiency.

A sense of disconnect between the employees and the IT teams is also seen in that more than one-half (55%) of the respondents said that their organization’s IT department can be a source of inconvenience.

In fact, 13% of employees admitted they would not immediately alert their IT team should they think that they had been hacked. Indeed, nearly the same share (49%) of employees said that they would actually blame the IT department for a cyberattack if it occurred as a result of an employee being hacked.

Even in the absence of malicious intentions, however, intentionally skimping on security adds to the range of myriad risks that not only large organizations face at present. This is unfolding against the backdrop of challenges introduced by the ongoing digital transformation and efforts of businesses to keep up with the requirements of today’s digital era.

written by Tomas Foltyn, ESET We Live Security


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s