With most business owners finding it harder to defend against cyber threats compared to pre-pandemic times, hybrid workers (opens in a new tab) have once again been blamed for the headaches. of cybersecurity.
A new survey from endpoint management provider (opens in a new tab) Tanium found that employees are the "root cause" of preventable security incidents.
Specifically, employees who click on links and attachments sent in phishing emails.
avoidable incidents
According to Tanium, more than half (54%) of those surveyed have seen their staff interact with malicious content sent via email, making it the most common enabler of cyberattacks. In public sector organizations, 64% found preventable security incidents caused in this way. Also, 71% of business owners say it's harder to defend against threats, with the introduction of hybrid workers (post-pandemic).
The second highest preventable incident (50%) is security misconfiguration, which includes things like poor password hygiene or employees failing to protect sensitive data with any type of credentials.
Tanium also says that things would be much better if these companies had the right assets. The third most common preventable incident is the lack of cybersecurity software capable of preventing cyberattacks (47%). In fact, some companies don't even use the most common cybersecurity tools, he added. For example, only 19% use web vulnerability scanners, 17% use penetration testing software, and 11% have used packet sniffers for at least five years.
Going forward, most organizations will look to defend themselves by investing a little more in threat detection and endpoint security. Nearly half (49%) will focus on threat detection in the coming year, while slightly fewer (46%) will focus on endpoint security. Finally, the third highest planned investment area is for data backup and recovery tools (45%).