Why some people may take more security risks when working remotely

blog image working from home 3

CybSafe

We are CybSafe. We’re a British cyber security and data analytics company.

April 27, 2020

And a free resource to ensure they don’t…

It’s 9:30am on a Wednesday and CybSafe’s Sam Oliver looks a little odd. 

He’s just joined a regular CybSafe meeting. It’s a meeting to which Sam usually wears business dress. But today Sam is dressed casually. And he isn’t the only one.

People arrive in hoodies. In sweat pants. In baseball caps, even.

Again, it’s 9.30am on a Wednesday. And no-one has mentioned plans to dress down. What has triggered the unanimous switch?

Our environments influence our behaviours

The answer, of course, is the meeting is virtual. The CybSafe Tribe is limiting the spread of COVID-19. So every attendee is working from home. And the shift in our environments has altered our dress-sense en masse.

It’s what psychologists call “schema theory” in action. We’re at home, so we’re following our mental blueprint for how we should behave at home. We leave our shirts in our wardrobes. We favour slippers over shoes.

Schemas influence our behaviours in all areas of life. For example, we shout at football games. But we whisper in libraries. We dress to impress in offices. But we dress casually when we’re at home.

For the most part, schemas are extremely useful. However, it’s easy to see how they could introduce cyber risk to businesses when people work from home…

How home environments can induce cyber risk

When at home, for example, we’re used to using our personal devices. So we might instinctively do the same when working from home. 

Similarly, we might take phone calls without disabling our Google Assistants. We might forego the software updates that’d otherwise be automatic.

As security professionals, we need to acknowledge this. And we need to mitigate additional risks.

Updating schemas boosts our defences

Mitigating the risks is tricky. But it’s not impossible. And that’s because our schemas aren’t static. They’re updated – or even born – when we learn new things. So, as security professionals, we need to develop people’s “working from home” schemas.

For example, we need to ensure people see personal devices as potential portals to customer data. And we need to ensure people default to company-approved devices when working from home. Similarly, we need to ensure people realise home networks aren’t secure by default. And we need to ensure people secure home networks before working from home. How?

We’re giving three CybSafe modules aways for free

At CybSafe, we want to help ease some of the worry and uncertainty that’s emerged in recent weeks. So we’ve decided to make three paid-for CybSafe modules free for a limited period.

The modules help people avoid social engineering and public Wi-Fi threats. They also help enhance the security of devices.

The modules are designed by psychologists, behavioural scientists and security experts, and fuse data science with behavioural science to make your people a cyber defence. To get company-wide access to the content for free, all you need to do is fill in this form.

We can all take steps to help each other through what we’re currently experiencing. Here at CybSafe, we’re glad to be contributing to the global cause.

Post-pandemic, CISOs are overlooking an important cyber defence

Post-pandemic, CISOs are overlooking an important cyber defence

Following COVID, no CybSafe employee will be bound to a physical office. Instead, CybSafe will be joining the growing list of organisations “working from anywhere”. Not temporarily. Permanently. And not “working from home”. Working from anywhere. Questions about office hours and moving overseas quickly begin. They showcase people’s excitement. But they also highlight an interesting point – For months now, most security professionals have been desperate to “secure remote workers”. 

read more