Findings from new Cisco survey of local employees benefiting from a flexible work environment highlights the importance of making cybersecurity protocols simpler and integrated while safeguarding the corporate network from attack.
Even though 53% of employees believe that securing their work devices are important and simple to do, there is still a significant portion of the workforce that must become comfortable with cybersecurity practices if hybrid working in SA is to be safe and effective.
- Fewer than 29% of employees trust their companies to keep their data secure in a hybrid work environment
- More than 33% of South Africa’s distributed workforce needs to find ways of circumventing the security measures of their organisations to remain productive.
- One in four employees (24%) choose to use the same password for multiple accounts and applications, putting their business’ network and devices at risk.
- Just 18% say they use a secure password manager for their applications and online services.
Breadth of cybersecurity measures
To protect valuable information, employers are putting certain measures in place, with VPNs, multifactor authentication, and regular software updates being three of the most popular. Interestingly, nearly 60% of South African workers would be willing to embrace facial recognition technology and 87% would feel comfortable using fingerprint recognition to access their network. This compares favourably to the UK where 55% of workers surveyed stating they would be okay to use facial recognition and 69% would be comfortable with fingerprint recognition.
This suggests an increasing familiarity with the biometric authentication methods available to smartphone users. With almost 7 out of 10 SA workers believing that their organisation takes cybersecurity seriously, there is a disconnect with what they believe their responsibilities are in this regard.
Understanding the alternatives
A lack of awareness among employees about security measures is a major factor. So is the perception that following protocol literally wastes time. This underlines the need for continual cybersecurity awareness and educational programmes to ward off data breaches. For instance, less than 40% of SA workers are aware of single sign-on solutions in their organisation to access a range of platforms and apps without having to log in each time and almost 42% of people spend up to 10 minutes daily on dealing with security; less than 2% of their working hours. In the UK, workers complain they spend on average 12 minutes a day on security measures.
Additionally, only 52% of employees know of any internal support resources for reporting incidents and phishing attempts.
Conrad Steyn, CTO at Cisco South Africa, says: “With hybrid work here to stay, employees are increasingly operating from uncontrolled environments, using public and private networks and multiple devices. When individuals don’t know how to protect themselves and their company network against an attack, an entire business could come under siege. In a new and complicated threat landscape, businesses need to focus on both educating employees to keep their communications safer and more secure and choosing integrated security technologies to maximise threat protection.”
Educate, improve, invest
Cisco’s research demonstrates the need for South African companies to improve their security awareness training and educate employees on the importance of reporting incidents and security vigilance in a new hybrid working world. Businesses should work with employees to find security protocols that work for all, helping to make the corporate network the most resilient it can be. Across industries, investing in security solutions that assure both employees and customers of data and network security is now critical.
Conrad Steyn, CTO at Cisco South Africa.