Younger employees and caregivers report more stress than other groups– and more shadow IT usage. Stressed-out employees in a remote-working world could be a major contributor to poor cybersecurity postures for companies, according to a survey.
Forcepoint polled 2,000 office workers in Germany and the U.K., to better understand cybersecurity practices among remote workers. Among other findings, the survey found that younger employees as well as people caring for children or other family members reported more stress in their lives, as well riskier IT behaviors when compared to other demographics.
For instance, 67 percent of employees under 30 said they use shadow IT (unsanctioned apps, services and equipment) to help them to perform certain tasks more easily, compared to 27 percent of older workers.
Also, 55 percent of the younger group reported making more mistakes when working from home, such as copying in the wrong people into emails – in comparison, only 17 percent of the over-30s reported such mistakes. And, nearly two-thirds of the younger group (63 percent) stated that distractions while working from home negatively impact decision-making, compared to 26 percent of older people.
It’s unclear if the relationship between security behavior and stress is causal, but it’s still a correlation that leaps off the page, according to Forcepoint.
“Differences in behaviors may in part reflect natural age-related tendencies in risk-taking, but the level of disparity between the two groups is both consistent and extreme,” said Margaret Cunningham, principal research scientist at Forcepoint, in a Thursday posting on the findings. “This could indicate that natural risk-taking tendencies are exacerbated by prolonged periods of stress and a challenging work climate.”
And indeed, the survey also found that more than two thirds (70 percent) of younger employees have trouble focusing because of their stress level, compared to 29 percent of older workers, and 77 percent said they feel the pressure to be available outside of normal working hours, compared to less than half (46 percent) of older workers.
More than three quarters (78 percent) of younger employees also reported that they feel stressed out by competing demands from their personal and professional lives, compared to 40 percent of older employees.
Caregivers meanwhile also over-index on stress-related behavior that negatively impacts IT security practices. For instance, about half (52 percent) said minor mistakes are a normal part of their days; and distractions that impact decision-making also afflict just over half of the group (56 percent). And, about half (48 percent) admit to using shadow IT.
“We hadn’t expected the study to reveal so clearly a picture of demographic disparities,” Cunningham said. “Lockdown has been a stressful time for everyone…without additional support from employers, young people and caregivers could continue to deviate further from pre-set and learned IT security rules, exposing their companies to further increased security risk.”
She added that companies need to accept the pervasive use of shadow IT, which exposes organizations to increased cybersecurity risk. But, employers should also provide better emotional and personal support.
“Leaders must proactively help employees deal with increased and prolonged levels of stress and anxiety, paired with additional interruptions,” she said. “Burnout is not only a risk for individual employees, but also impacts organizational resilience and personnel resource management needs.”
Original article: https://threatpost.com/employee-lockdown-stress-cybersecurity-risk/165050/