About a week ago I got a call from a phone number I didn’t recognize. It was a Massachusetts number from out around Springfield. I’ve got family out that way, I figured “Carl, you better answer that.”
It wasn’t a member of my family. It was a con-artist posing as my Internet Service Provider. They told me that since I’ve been such a good and loyal customer, they were rewarding me by upping my internet speed.
It was pretty obvious right from the beginning what was going on. I laughed at them, hung up the phone, and promptly got back to what I was doing. But it got me thinking.
How many people are out there trying to take advantage of people during the Covid-19 pandemic? Both personally and professionally? And how, if at all, has the security landscape changed since people started working remotely?
A recent study from Barracuda Networks offered some insight into that very topic.
The Basics
The study, conducted by an independent research agency on Barracuda’s behalf, is made up of responses from 1,000 business decision-makers across the U.S., UK, France, and Germany.
The Findings
- 51% of responders have seen an increase in email phishing attacks since shifting to a remote working model
- 51% of respondents said their workforce is not proficient or properly trained in the cyber risks associated with remote working
- 46% are not confident their web applications are secure
- 50% have allowed employees to use personal email addresses and personal devices to conduct company work
- 40% of respondents have cut their cybersecurity budget as a cost-saving measure to help tackle the COVID-19 crisis.
- 46% of respondents have already had one cybersecurity scare since shifting to a remote working model
- 49% fully expect to see a data breach or cybersecurity incident in the next month due to remote working
- 50% would consider making workforce reductions if it meant company data protection and security could be properly funded
- 55% say they would have not implemented remote working within the next 5 years, had it not been for the COVID-19 crisis
- 56% plan to continue widespread remote working even after the crisis is over
- 53% report that the Covid-19 crisis had made them accelerate plans for moving all their data to 100% cloud-based model
Thoughts
Oof. Where to start. I’m not surprised to hear that over 500 of the companies surveyed have experienced a phishing attack of some sort, and I question whether or not it has to do with the pandemic or whether people just have more time on their hand to go through their email and think twice about what they’re reading.
On the other hand, 51% of the companies surveyed said they didn’t think their workforce was adequately trained to handle the cybersecurity risks associated with working from home, yet, at the same time, they’re allowing their employees to use personal email addresses and end-points to work from home.
The statistic that 40% of the companies surveyed we’re looking to cut costs during the pandemic and cybersecurity was one of the departments they were looking to slim down. Especially when they say they know to expect a cybersecurity-related incident in the near future or they’ve already experienced one.
Another interesting tidbit is the respondents’ position regarding working from home. More than half said their five-year plan didn’t include a remote working contingency. Now, that the necessity to work remotely has arisen, they plan to continue the course for the foreseeable future.
It’s hard to say what exactly the overlap might be amongst those surveyed but, regardless, there are some interesting, if puzzling contradictions. I’ve reached out to Barracuda for clarification (more defined stats, etc), and if I get them, I’ll post an update.
If you happen to be one of those companies who’re looking to improve your work from home situation, check out our webinar on the 21st. It’s with Scale Computing and Ruckus Networks. We’ll be talking about this very topic.
Like our blog? Subscribe using the CTA in the upper right-hand corner of this page. Feel like sharing your thoughts with us? Use the comment section below.