Author Bio ▼

IFSEC Insider, formerly IFSEC Global, is the leading online community and news platform for security and fire safety professionals.
December 22, 2021


Lithium-Ion batteries. A guide to the fire risk that isn’t going away but can be managed

Cyber security

“80% of workers are concerned about personal data being stolen while online shopping”, according to study

Research carried out by cloud security experts, Menlo Security, has revealed increased cyber security risks posed to employees and organisations during the festive season. 

Cybersecurity-Remoteworking-20The new research – which surveyed 2,000 employed people in the United States and the United Kingdom – found that while employees are concerned about threats and are taking some measures to mitigate them, they often have false confidence in their security posture.

There are now more threats to corporate devices and networks than ever as hybrid work models blur the boundaries between work and home.

More than half of respondents (53% UK; 56% US); reported performing non-work-related tasks – such as online shopping – on company devices.

Furthermore, the survey found that 63% of people in the UK (65% US) are doing more online Christmas shopping in 2021 compared to previous years, and nearly half of respondents (45% UK; 48% US), reported shopping for gifts this festive season on a work-issued device such as a laptop or mobile phone.

Workers are also noticing a rise in cyber threats this festive season, with 48% of respondents in the UK (58% US) observing an increase in scams and fraudulent messages, exemplifying that threats are rampant worldwide. This is worrying many people, as the vast majority of respondents report being somewhat to very concerned about their personal data being stolen while online shopping.

However, despite workers’ recognition and concern of cyber threats, 65% of people still believe they’re secure from cyberthreats if they’re using a company device.

“Workers are becoming increasingly aware of the threats that loom while browsing the web, however they have a false sense of security about the level of protection they have when using corporate devices. As a result, they are unintentionally exposing their corporate networks to a slew of vulnerabilities,” said Mark Guntrip, Senior Director, Cybersecurity Strategy at Menlo Security.

“More employees are using company-issued devices for not only work, but also personal tasks like shopping and banking, which is putting entire networks at risk of being breached. To mitigate this risky behavior, organisations must make it a priority to adopt a Zero Trust security approach to prevent cyberattacks before they happen and ensure that they’re protected if they do fall victim to bad actors.

The research also shows that:

  • Employees are aware of potential threats: Out of various online threats, malware is the most recognised in both the US and UK (mentioned by 81% of UK respondents and 76% in the US) This was followed by ransomware, with 61% of UK & US respondents reporting they are aware of this threat; credential phishing at 45% UK & 40% US; and HTML smuggling at 16% UK & 19% US. A total of 12% of respondents (16% US) were not familiar with any of these cyber-attack methods.
  • Employees are taking some measures to protect themselves: Strong passwords were the most popular protective measure reported by respondents globally (71% UK; 75% US.), and 58% of people (59% US) reported they are using anti-virus software to protect themselves when shopping online. Other protective measures include shopping only on websites of familiar retailers (55% UK & US), confirming that URLs/emails do not have suspicious characters (37% UK and 43% US), checking for the lock next to a URL (46% UK and 40% U.S), and having a dedicated card for online shopping (20% UK and 28% US). Only 3% (4% US) claim that they do not take any of these protective measures while shopping online.
  • Generational trends impact shopping habits: The youngest workers (18-24 years old) most often reported an increase in Christmas shopping this season (79% U.K; 76% U.S). There was a lower percentage for each subsequent age group, with 71% (68% US) for those 35-44, and only 39 per cent (40% US) for those over 65 years old. Younger generations may also be more attuned to cyber-threats, with younger groups more often reporting they have noticed an increase in scams/fraudulent messages.

‘Secure by Default’ in the Age of Converged Security: Insights from IFSEC 2019

From data security to the risks and opportunities of artificial intelligence, the conversations at IFSEC International shape future security strategies and best practices. This eBook brings you exclusive insights from these conversations, covering:

  • A Global Political and Security Outlook from Frank Gardner OBE
  • Surveillance Camera Day: Tony Porter launches ‘Secure by Default’ requirements for video surveillance systems
  • Using Drones to Secure the Future
  • Autonomous Cars and AI: Relocating human incompetence from drivers to security engineers?
  • The Ethical and Geopolitical Implications of AI and Machine Learning

Related Topics

Notify of
Inline Feedbacks
View all comments