In the past two years, cybersecurity threats against remote work forces have risen drastically, and employee apathy towards security policies may be partially to blame. Researchers Clay Posey and Mindy Shoss from the University of Central Florida (UCF) interviewed and researched 330 remote workers and found that two-thirds of employees admitted to failing to fully adhere to cybersecurity policies at their company at least once every 10 workdays. When asked why they didn’t follow security policies, a majority of respondents answered that they ignored policies to better accomplish tasks for their jobs or help others get their work done. In fact, employees had malicious intent in only 3% of incidents where cybersecurity rules were broken.
According to CIODive, it is becoming more common for bad actors to approach employees to aid in an attack. Nearly two-thirds of IT and security professionals say their employees have been “approached to assist in aiding ransomware attacks,” while only half of respondents claimed to feel moderately prepared to prevent a ransomware attack.