The COVID-19 pandemic has created new challenges for organizations as they adapt to continuously changing workplace models in which remote and hybrid work has become a new normal, and cybersecurity has become a major concern. Awareness is the first step, but as organizations increasingly transition to remote or hybrid workplace models, there is still much more to be done to ensure their infrastructure remains secure.
We recently commissioned a survey in partnership with Angus Reid to analyze the sentiment of IT security in respect to the pandemic and the future of work. The survey also provided a year-over-year comparison to findings from October 2020 to see what’s changed (or not) from the outset of the pandemic to now, and the findings were certainly interesting, to say the least.
Cyberthreats have become a larger concern during the pandemic
According to the survey, working Canadians are more concerned about cyberthreats today than this time last year. In October 2020, 63 percent of working Canadians were concerned about data leakages, identity theft and hackers, 58 percent were concerned about malware, 52 percent were concerned about phishing scams and 40 percent were concerned about ransomware. This year, those figures have increased to 67 percent for data leakage, identity theft and hacker concerns, 66 percent for malware concerns, 58 percent for phishing scam concerns and 40 percent for ransomware. This uptick is a trend we expect to see continue as the pandemic persists, as cybersecurity risks and threats will continue increasing at the same rapid pace as organizations’ digital transformation.
Though the majority of working Canadians have been taking cybersecurity measures seriously since the beginning of the pandemic, as Canadians become accustomed to the remote or hybrid workplace models, the survey results indicate that fewer are placing the same amount of importance on cybersecurity as they were in October 2020. This is concerning as complacency is the ultimate cyberthreat to any organization.
Why home network security is just as important
Encouragingly, more working Canadians in 2021 indicate they are taking device protection and privacy settings very seriously for their work computers, with 66 percent indicating this, compared to 60 percent who said the same in October 2020. However, fewer are taking device protection and privacy settings very seriously for networks and phones, which is dangerous considering the increase in remote networks and personal phones for professional use we’ve seen in the last year.
In 2021, only 54 percent of working Canadians indicate they are taking device protection and privacy settings very seriously for their network, compared to 58 percent in October 2020. Similarly, only 45 percent of working Canadians indicate they are taking device protection and privacy settings very seriously for their phone, compared to 50 percent who said the same this time last year. As remote and hybrid workplace models are on track to continue as we look ahead to a post-pandemic world, this is a trend that raises all kinds of alarm bells in terms of cybersecurity. Network and phone security has become just as imperative as computer security in order for organizations to ensure all private data remains secure, which is why device protection and privacy settings must be taken seriously now more than ever.
It’s 2021… Do you know what your privacy settings are?
Another concerning trend the data revealed is that working Canadians are reviewing their cybersecurity and privacy settings less often than they were last year. This year, the survey found that 26 percent of working Canadians rarely or have never reviewed their cybersecurity or privacy settings, compared to 21 percent who said the same in October 2020. Of the 26 percent who said this, 38 percent say it’s because they simply haven’t thought about it and 29 percent cite their reasoning as they don’t know how. This suggests that organizations must frequently educate and remind employees about the importance of regularly reviewing cybersecurity or privacy settings and conduct regular trainings on how it can be done.
Despite a clear concern among organizations regarding cyberthreats, there is a surprisingly low number of working Canadians who have improved their day-to-day cybersecurity hygiene habits, including using unique passwords and passphrases. The majority of Canadians use unique passwords or passphrases for their phones (77 percent), computers (78 percent) and networks (74 percent), but only 65 percent say the same of smart devices such as iPads. Perhaps more troubling, though, is that even fewer Canadians are protecting their devices this year, with 10 percent fewer using unique passcodes and passphrases to protect their phones, computers, networks and smart devices compared to this time last year. The primary concernsCanadians have around device security can be eased with stronger cybersecurity hygiene practices, and it’s vital that these remain strong as we look ahead to 2022.
Why you need to educate employees to practice proper cybersecurity hygiene habits
In order to mitigate cybersecurity risks, as organizations continue to transition to a remote or hybrid workplace model, it’s critical that each employee understands the continued importance of device protection, privacy settings and day-to-day cybersecurity hygiene habits. Strong workplace cybersecurity measures need to be enforced in the home office as well, and Canadian organizations must prioritize investing in employee education to ensure best practices are followed at all times.
Organizations must take a proactive, ongoing approach to educating the entire workforce about cybersecurity threats and counter measures before someone or something compromises systems, data, reputation or business operations. This includes clearly communicating that cybersecurity must remain a top priority during the pandemic and beyond – and that each employee has a responsibility to be cybersmart. According to the survey, this area is one that needs improvement, with only 48 percent of working Canadians feeling that their organization adequately prepared employees with the security tools and processes needed to work remotely.
Innovation continues to drive new approaches, tools and technologies in the evolving Canadian cybersecurity landscape, and staying up to date is an essential step to ensuring a positive cybersecurity posture. We understand that the implementation process can be challenging and hard to understand, which is why partnering with dedicated cybersecurity experts can help your organization keep your IT environment secure.
How to secure critical resources with Okta Identity Cloud
Okta is a complete access management platform for workforce and customers, securing all critical resources from cloud to ground. The Okta Identity Cloud offers organizations a single pane-of-glass to view and manage access across all applications and user types. This includes features such as single sign-on, multifactor authentication and API access management.
To learn more about CDW’s security solutions and connect with one of our experts today, please visit: https://www.cdw.ca/content/cdwca/en/solutions/cybersecurity.html