You already knew remote workers increase the risk of cyberattack. New data spells out exactly what the impact of a remote workforce is on data breaches and the cost to remediate.
The hybrid workforce is here to stay, so it’s important to understand the ramifications to cybersecurity in order to better assess the risk posed. I’ve written before about how remote workers adopt bad cybersecurity habits while working from home, as well as the increase in security threats because of remote working. But now we have concrete data that shows when a remote workforce is involved in causing a data breach, the results are far worse.
According to the IBM Security’s 17th Annual Cost of a Data Breach report, the average data breach now costs $4.24 Million – an increase of nearly 10% from last year’s average of $3.86 Million. This latest version of the report takes the time to carve out the impact of having a remote workforce. According to the report:
- 5% of the data breaches involved remote workers
- The average cost of a breach was $1.07 million higher in breaches where remote work was a factor in causing it
- Organizations with more than 50% of their workforce working remotely took 58 days longer to identify and contain breaches (and it should be noted that the average number of days is 287, making this nearly a year’s time!)
Now, the answer here is not eliminate the remote workforce. Instead, look at what’s causing the breaches and put controls and solutions in place to stop it.
According to IBM Security, the number one initial attack vector in successful data breaches is compromised credentials – something most phishing emails are after. It’s imperative that organizations address these documented risks in a way that elevates the remote workforce’s security stance, regardless of the location or device they work on. This should include Security Awareness Training to enhance the workforce’s sense of vigilance when interacting with email and the web, reducing the risk of attacks intent on compromising credentials and causing a data breach.
Request A Demo: Security Awareness Training
New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn’t a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4’s security awareness training and simulated phishing platform and see how easy it can be!
PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/one-on-one-demo-partners?partnerid=001a000001lWEoJAAW