Create the Human Firewall by Identifying Riskiest Users

While the flexibility of hybrid work is a boon to busy workers, security leaders face a challenging new work environment. As remote and hybrid work become permanent fixtures for organizations, businesses increase their human attack surface. Employees have always engaged in risky behaviors, but with the rise of hybrid work, employees now use personal and work devices interchangeably. As a result, their actions may have a hazardous effect on the security of the company. Without a physical office and an on-premises network, remote employees are more vulnerable to cyberattacks.

To gain a better understanding of risky behaviors that employees engage in while working remotely or in hybrid environments, SecurityAdvisor analyzed over 500,000 malicious emails and 500,000+ dangerous website visits made by enterprise employees across 20 different countries. Top Riskiest Behaviors and Employees in a Hybrid Workplace is a new report that reveals the most dangerous users in a typical organization.

SecurityAdvisor discovered that women are far safer than men, with 76% of male employees engaging in risky online behaviors compared to only 26% of their female counterparts. Kellie A. McElhaney, Distinguished Teaching Fellow and Founding Director of the Center for Equity, Gender, and Inclusion (EGAL) at UC Berkeley's Haas School of Business provided some insight into the reasons behind the differences between men and women. Prof. McElhaney explained that men view risk as a game and are taught from a young age to win at all costs. When threatened with a loss or negative outcome, they will do whatever possible to avoid it. Adverse consequences are only levied upon the risk-taker.

Additional highlights from the report include:

  • Senior-level employees, including members of the C-suite, are targeted 50 times more frequently by phishers than the average employee, making them riskier and more vulnerable to attacks.
  • The top 5 riskiest behaviors are:
    Top Five Risky Behaviors

While the actions could be thwarted with simple daily reminders, many organizations still apply a one-size-fits-all approach to security awareness coaching. As data breaches, phishing attacks, and ransomware incidents flood news headlines, it’s evident the current cybersecurity ‘best practices' are not working.

Personalized security awareness coaching has been quantifiably proven to make positive changes in behavior. Personalized microlessons facilitate positive individual behavior that ultimately helps organizations to strengthen their human firewalls. Interested in learning more about how to identify and positively change risky employee behavior? Download the full report.

Learn how SecurityAdvisor can help your team

Schedule some time to talk with one of our experts and they will show you how we can help your organization.

Schedule a Demo