Bad actors have flooded the enterprise with coronavirus-related attacks, but professionals working from home have other worries, Unisys Security found.
Less than one-third (31%) of Americans said they are concerned about their data security while working from home during the COVID-19 pandemic, a Unisys Security report found. Overall concerns around internet security, including computer viruses and hacking, have dropped since 2019, ranking the lowest among the four primary areas of security in the survey.
These findings are particularly concerning given the rise in cyberattacks during the pandemic: The FBI found that online crimes reported to the Bureau's Internet Crime Complaint Center (IC3) have increased by 400% because of the crisis. The Federal Trade Commision (FTC) also found more than 52,000 cases of reported fraud related to COVID-19 since January 2020.
SEE: Security Awareness and Training policy (TechRepublic Premium)
The Unisys Security Index, released on Tuesday, calculates a score out of 300 that measures consumer attitudes over eight areas of security in four categories. The eight areas include national security, disaster/epidemic, bankcard fraud, financial obligations, virus/hacking, online transactions, identity theft, and personal safety.
The four broader categories consist of national security, financial security, internet security, and personal security. The index score remained at the historical high it found last year of 175, but with the global pandemic, the makeup of this score looks a bit different.
Biggest consumer concerns
With the report being conducted at the start of the coronavirus pandemic, concerns around health, safety, and economic stability naturally rose.
Concerns about disasters and epidemics have jumped to the top three areas of concern, at 62%. Personal safety saw the largest increase, with 58% reportedly seriously concerned. Worries surrounding the other six security areas have fallen, including those related to internet security.
While reliance on the internet has increased dramatically during COVID-19, the majority of Americans (70%) said they are not concerned about the risk of being scammed. Americans were 24% less likely to report a concern about a data breach during the pandemic compared to the global average, the report found.
Only 45% of respondents said they are concerned about the risk of being scammed during the health crisis, which is particularly worrisome given that 98% of cyberattacks are deployed by social engineering methods like phishing, which can be particularly difficult to detect.
"It's not surprising to see people's level of concern for their personal safety jump in light of the global health crisis. However, the fact that it is not only matched by, but exceeded by, a drop in concerns around hacking, scamming or online fraud reflects a false sense of consumer security," said Unisys chief information security officer Mat Newfield, in a press release.
"Hackers target healthcare and essential services organizations looking to steal intellectual property and intelligence, such as details on national health policies and COVID-19 research," Newfield said. "And hackers are relying on tricks like 'password spraying,' which involves an attacker repeatedly using common passwords on many accounts to gain access, putting our most critical infrastructures at risk potentially from the click of a single working-from-home employee."
Looking at concerns across the globe, the report found that since 2019 the majority of regions including the Philippines, Chile, Australia, the UK, New Zealand, and Germany have seen rising worries regarding personal security, such as identity theft and personal safety.
The areas that have had growing national security concerns include Mexico, Chile, Brazil, the UK, and Australia, the report found.
Across the board, nearly all surveyed regions including Mexico, the US, Australia, the UK, Belgium, New Zealand, Germany, and the Netherlands had decreasing levels of concern around internet security.
"This underscores the need for businesses to ensure they are placing a clear and concerted emphasis on proper training for their employees working from home and adopting a Zero Trust security architecture that leverages best practices like encryption and microsegmentation," Newfield said.
How to prioritize security
The report recommended taking three key steps to bolstering security in your organization.
1. Adapt security measures for remote employees
The report urged organizations to make it easier for their remote workers to connect securely. It recommended supplying work from home (WFH) employees with updated VPN connections and more zero trust technology, including always-on encrypted direct access, identity verification tools, and a software-defined perimeter to limit damage from prospective malware attacks.
2. Keep in mind the human side of the employee experience
With all of the chaos of moving teams remote, many organizations can forget to consider the toll this is personally taking on workers. The report recommended staying connected with employees by establishing regular check-ins, virtual lunches, or other tactics that priotizie their well-being when working from home.
3. Utilize emerging tech
Working from home opens up employee laptops and hardware to a slew of new risks, particularly unauthorized access from outside individuals.
For more, check outon TechRepublic.
- How to become a cybersecurity pro: A cheat sheet (TechRepublic)
- Kubernetes security guide (free PDF) (TechRepublic download)
- Information security policy (TechRepublic Premium)
- Online security 101: Tips for protecting your privacy from hackers and spies (ZDNet)
- All the VPN terms you need to know (CNET)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)