How COVID-19 has impacted cybersecurity in the workplace

The COVID-19 pandemic has affected businesses in many ways, some being more obvious than others. Find how it’s impacted the workplace – and what you can do.

With an increased percentage of the country’s workforce now working remotely, concerns surrounding cybersecurity are on the up.

In light of the pandemic, internet security provider, ESET, and The Myers-Briggs Company partnered to release Cyberchology – The Human Element, a report investigating the link between personality, cybersecurity and stress. 

A new working environment

At the start of the year, no one could have predicted the way the year was going to unfold. As we entered a nation-wide lockdown, switching to working from home appeared to be a short-term solution; for those already stationed at home, very little changed.

Based on 2,000 consumers and over 100 Chief Information Security Officers (CISOs) in the UK, the report found that 75%of companies’ business is now being undertaken by employees working remotely – a considerable amount compared to pre-COVID life.

However, due to the speed at which the pandemic accelerated, businesses found that preparing their employees to work from home with little warning came with its own pitfalls. During the pandemic, new research has found that 80% of companies experienced an increased cybersecurity risk caused by human factors.

This may not come as a surprise to most; without the security of office systems and a readily available IT department, those less familiar with identifying digital threats are easily targeted. Combined with the added mental and physical exhaustion the population have experienced throughout the year, it is easy to see how hackers can effortlessly execute attacks. 

Has cybercrime increased during the pandemic?

Although the link may not be immediately obvious, our characteristics can easily impact something important like cybersecurity and how we protect ourselves.

The way we deal with online threats differs from one person to another – especially outside of our conventional workspace. Based on the Myers-Briggs Type Indicator (MBTI), someone who prefers to ‘think first’ and ‘do later’, or enlist the help of a colleague before proceeding with a task, might be known as a Conserver.

This type of person may not cope well with having to act without detailed, practical information or plans, elements that may be absent outside of the office environment.

This is not to say that this type of person is more vulnerable than others; with CISOs reporting a 63% increase in cybercrime since lockdown began in March, even the more tech-savvy, naturally independent individuals run the risk of falling victim to a malicious cyber-attack.

How does stress impact cybersecurity?

The majority of us – at some point in our careers – will experience high-stress situations. The report details that almost half of the respondents felt anxious towards managing stress during the pandemic – a valid concern given the unprecedented times we have found ourselves in.

The Cyberchology report also found that over two-thirds of consumers were concerned about their cybersecurity, but didn’t know what to do about it. This, combined with the pressure of juggling both work and personal responsibilities, will no doubt have led to opportunists taking advantage of security blind spots. 

You may think that this would have a direct impact on the approach that employers took towards protecting their systems. However, 40% of CISOs reported that COVID-19 had no impact on the size of their IT security budget compared with the previous planned budget, meaning a different mind-set towards cybersecurity should be considered. 

How can employers tackle cybersecurity from a new angle?

We are all aware of the considerable changes our lives – both at home and in work – have seen since the beginning of the pandemic, which ultimately calls for our existing systems to be reimagined.

Based on the findings of the Cyberchology report, companies could benefit from adopting a more holistic approach to cybersecurity training, rather than assuming that a one-size-fits-all method is effective.

Instead, identifying where people’s unique strengths and weaknesses lie will result in a better understanding of how to handle digital threats, providing a more efficient level of protection for businesses in the long-run.

If you would like to read the report in full and learn more about holistic cybersecurity training, you can download the full Cyberchology paper for free. 

Photo by Maxime