Remote workers exhibit higher cybersecurity awareness

Remote workers possess more conscientiousness about cybersecurity than their on-site counterparts.

This was the conclusion of a recent study published in the journal Computers and Security. It noted that, in general, many companies believe the rise of remote work is eroding their cybersecurity: a 2021 AT&T survey, for example, found 70% of businesses with more than 5,000 employees believed remote working made their firms more vulnerable to cyberattacks. The paper said these concerns are not necessarily baseless. As the number of end users logging in remotely to a server or network increases, the attack surface will inevitably expand. An expanded attack surface, combined with poor cybersecurity awareness from workers new to remote working, can create an environment that increases the likelihood of successful cyberattacks.

However the study found that those in remote work positions are actually more aware of cybersecurity issues than those who are onsite, and take more measures to guard it. The researchers based this conclusion on a survey of 203 remote workers in the U.S.

"Contrary to widely held beliefs about remote working, the results indicate that remote working is positively associated with cybersecurity awareness and security-based precaution-taking. The findings further show that information security policy compliance moderates the effect of remote working on cybersecurity awareness. In addition, the study reveals that as remote workers gain cybersecurity awareness, they are more likely to apply security-based precaution measures," said the study abstract.

Paradoxically, this fastidiousness in cybersecurity may come not from an abundance of security measures but a dearth of them. Because these workers are not in the office, they're more aware of how vulnerable they are. Conversely, the study said those physically in the office can develop complacency because they assume the company must already have robust cybersecurity measures in place, and so become less likely to take precautions or maintain awareness.

"Arguably, one reason for this behavior is that employees working within the corporate office and boundaries trust their firms to develop, maintain and update security countermeasures to mitigate cybersecurity threats and risks. As a result, these employees are not apt or mindful of security threats and concerns. To this end, cybersecurity awareness among employees can be constrained when working within the organization's corporate offices," said the paper.

As of this year, more than one-third of workers have at least some days that are remote, and 12.7% work fully remote, according to Forbes.

For reprint and licensing requests for this article, click here.
Technology Cyber security Cybersecurity and data privacy due diligence Hybrid Work Work from home
MORE FROM ACCOUNTING TODAY