HP has released its HP Wolf Security Blurred Lines & Blindspots Report, a comprehensive global study assessing organizational cyber risk in an era of remote work.
The report shows that changing work styles and behaviors are creating new vulnerabilities for companies, individuals, and their data. According to the findings, 70% of office workers surveyed admit to using their work devices for personal tasks, while 69% are using personal laptops or printers for work activities. Almost one-third (30%) of remote workers surveyed have let someone else use their work device.
KuppingerCole, an international, independent analyst firm that contributed to HP’s report, notes there has been a 238% increase in global cyberattack volume during the pandemic.
“As the lines between work and home have blurred, security risks have soared and everyday actions such as opening an attachment can have serious consequences,” comments Joanna Burkey, Chief Information Security Officer (CISO), HP Inc.
HP’s report coincides with the launch of HP Wolf Security, the company’s newly integrated portfolio of secure by design PCs and printers, hardware-enforced endpoint security software, and endpoint security services.
The study provides a multi-dimensional view by combining findings from: a global YouGov online survey of 8,443 office workers; a global survey of 1,100 IT Decision Makers (ITDMs), conducted by Toluna; real-world threat telemetry gathered from customers within HP Sure Click Virtual Machines; and analysis from KuppingerCole.
Key findings include:
76% of office workers surveyed say working from home during COVID-19 has blurred the lines between their personal and professional lives.
27% of office workers surveyed say they know they are not meant to share work devices but felt they ‘had no choice’ – yet 85% of ITDMs worry such behavior increases their company’s risk of a security breach.
Half of office workers say they now see their work devices as a personal device, while 84% of ITDMs worry such behaviour increases their company’s risk of a security breach.
Over the past year: 54% of ITDMs saw an increase in phishing; 56% an increase in web browser related infections; 44% saw compromised devices being used to infect the wider business; while 45% saw an increase in compromised printers being used as an attack point.
Blurred lines between home and office creating new risks
71% of employees surveyed say they access more company data, more frequently, from home now than they did pre-pandemic – with the most common types of data being accessed being: customer and operational data (43% each) and financial and HR records (23% each).
According to KuppingerCole, there was a 54% increase in malicious actors exploiting gaming platforms between January and April 2020, often directing users to phishing pages.
HP Wolf Security’s Threat Insights showed an increase in gaming-themed malware; with Ryuk ransomware and samples of stealthy JavaScript downloader malware, Gootloader, masquerading as Fortnite hacks.
Office workers connecting to corporate networks with insecure devices
37% used a personal PC/laptop to access work applications.
32% used their personal PC/laptop to access the main corporate network and servers.
Over a third (34%) used their home printer to scan and share documents with colleagues and customers.
One in five (21%) have used their home printer to save files to the network over the VPN.
The endpoint as the first line of defense
82% of office workers surveyed said they had worked from home more since the start of the pandemic than previously, while 39% expect to predominately work from home post-pandemic or split their time equally between home and office-based working. Therefore, many of these risks will remain once the world returns to ‘normal’.
91% say endpoint security has become equally important as network security
Introducing HP Wolf Security
In response to these challenges, HP has announced HP Wolf Security: a newly integrated portfolio of secure by design PCs and printers, hardware-enforced endpoint security software, and endpoint security services to protect customers from growing cyber threats.
(Image Courtesy: www.neat.com)