HONG KONG, CHINA – Media OutReach – 13 July 2020 – Trend Micro Incorporated (TYO: 4704; TSE: 4704), the
global leader in cloud security, released survey results that show how remote workers address
cybersecurity. Nearly three quarters (72%) of remote workers say they are more
conscious of their organisation’s cybersecurity policies since lockdown began,
but many are breaking the rules anyway due to limited understanding or resource


Trend Micro’s Head in the Clouds study
is distilled from interviews with 13,200 remote workers across 27 countries on
their attitudes towards corporate cybersecurity and IT policies. It reveals
that there has never been a better time for companies to take advantage of
heightened employee cybersecurity awareness. The survey reveals that the
approach businesses take to training is critical to ensure secure practices are
being followed.


The results indicate a high level of security
awareness, with 85% of respondents claiming they take instructions from their
IT team seriously, and 81% agree that cybersecurity within their organisation
is partly their responsibility. Additionally, 64% acknowledge that using
non-work applications on a corporate device is a security risk.


However, just because most people understand
the risks does not mean they stick to the rules.

For example:

  • 56% of
    employees admit to using a non-work application on a corporate device, and 66%
    of them have actually uploaded corporate data to that application.
  • 80% of
    respondents confess to using their work laptop for personal browsing, and only
    36% of them fully restrict the sites they visit.
  • 39% of
    respondents say they often or always access corporate data from a personal device
    — almost certainly breaking corporate security policy.
  • 8% of
    respondents admit to watching / accessing porn on their work laptop, and 7%
    access the dark web.


Productivity still wins out over protection
for many users. A third of respondents (34%) agree that they do not give much
thought to whether the apps they use are sanctioned by IT or not, as they just
want the job done. Additionally, 29% think they can get away with using a
non-work application, as the solutions provided by their company are ‘nonsense.’


Dr Linda K. Kaye, Cyberpsychology Academic at
Edge Hill University explains: “There are a great number of individual
differences across the workforce. This can include individual employee’s
values, accountability within their organisation, as well as aspects of their
personality, all of which are important factors which drive people’s
behaviours. To develop more effective cybersecurity training and practices,
more attention should be paid to these factors. This, in turn, can help
organisations adopt more tailored or bespoke cybersecurity training with their
employees, which may be more effective.”


“In today’s interconnected world, unashamedly
ignoring cybersecurity guidance is no longer a viable option for employees,”
said Bharat Mistry, Principal Security Strategist, Trend Micro. “It’s
encouraging to see that so many take the advice from their corporate IT team
seriously. Having said that, there are individuals who are either blissfully
ignorant or worse still who think cybersecurity is not applicable them and will
regularly flouter the rules. Hence having a one size fits all security
awareness programme is a non-starter as diligent employees often end up being
penalised. A tailored training programme designed to cater for employees may be
more effective.”


The Head in the Clouds study
looks into the psychology of people’s behaviour in terms of cybersecurity,
including their attitudes towards risk. It presents several common information
security “personas” with the aim of helping organisations tailor their
cybersecurity strategy in the right way for the right employee.

About Trend Micro

Trend Micro Incorporated, a global leader in cybersecurity
solutions, helps to make the world safe for exchanging digital information. Our
innovative solutions for consumers, businesses, and governments provide layered
security for data centers, cloud environments, networks, and endpoints. All our
products work together to seamlessly share threat intelligence and provide a
connected threat defense with centralized visibility and control, enabling
better, faster protection. With more than 6,000 employees in over 50 countries
and the world’s most advanced global threat intelligence, Trend Micro secures
your connected world. For more information, visit www.trendmicro.com.hk.