The prevalence of cybersecurity incidents and the concomitant growing concerns about any organization’s cybersecurity posture haven’t done much to discourage many employees from engaging in poor security habits, a survey has found.

In some respects, employees’ cyber-hygiene is actually getting worse, according to the 2018 Market Pulse Survey by identity governance provider SailPoint.

Three in every four respondents admitted to reusing passwords across accounts. In the survey’s 2014 edition, the same was true for “only” 56 per cent of the employees.
 
The generation that has grown up with technology and might therefore be expected to know better fares even worse in this department: no fewer than 87 per cent of people aged 18-25 duplicate their passwords, including nearly one-half who do so across personal and work accounts.

In addition, 31 per cent of the respondents admitted to having deployed software without the authorization of their respective organization’s IT department in a practice dubbed “shadow IT” – an increase from 20 per cent in 2014. Such willingness to skirt considerations of security, across all age groups, was largely attributed to workers’ efforts to boost their work efficiency.

A sense of disconnect between the employees and the IT teams is also seen in that more than one-half (55 per cent) of the respondents said that their organization’s IT department can be a source of inconvenience.

In fact, 13 per cent of employees admitted they would not immediately alert their IT team should they think that they had been hacked. Indeed, nearly the same share (49 per cent) of employees said that they would actually blame the IT department for a cyberattack if it occurred as a result of an employee being hacked.

Even in the absence of malicious intentions, however, intentionally skimping on security adds to the range of myriad risks that not only large organizations face at present. This is unfolding against the backdrop of challenges introduced by the ongoing digital transformation and efforts of businesses to keep up with the requirements of today’s digital era.

About the author

Tomas Foltyn is a security writer at Eset, a leading provider of IT security solutions