Pandemic Burnout is Turning Into a Serious Security Issue

We’re officially almost two years into the COVID-19 and beginning to see the repercussions in many different areas. Supply chains are backlogged, companies are still recovering financially, and in the world of IT, remote work is posing a serious security challenge.

All types of employees are beginning to suffer from significant burnout, and that burnout is starting to put organizations at an increased risk for data breaches and cyberattacks. How does burnout relate to cybersecurity? A study by 1Password shows that nearly two years of remote work due to COVID-19 has left remote workers paying less attention to security guidelines. Burned out employees were found to be 3x more likely to ignore organizational cybersecurity best practices. 

What are some risky behaviors you should be on the lookout for? Here are three prime examples: 

• Downloading software and apps without permission from your IT security team (this has resulted in an increase of shadow IT on networks which poses a severe challenge for IT teams trying to manage it all)
• Unknowingly downloading fake or malicious versions of apps because of inattention – this can result in an avenue for malicious cyber actors to expose employees to malware and other threats to the greater organization 
• Using low security (read: easy-to-guess) passwords for important corporate accounts. Weak passwords allow cyber actors entry points into the greater network to deploy malware or ransomware attacks. We talk more about common passwords and why not to use them in our blog here. 

What’s more, research shows that burnout extends well beyond typical employees and specifically into cybersecurity workers . In a non-pandemic world, cybersecurity staff are on call and alert to counterattack suspicious activity. With burnout high among this subset of employees, the risk is less attention to countermeasures and more chance of attacks sneaking through. 

The research from 1Password found that 80% of everyday workers feel burnout, while a higher 84% of cybersecurity workers reported burnout. The inherent risk is displayed in the numbers —burnout among cybersecurity workers directly results in both  missed security threats and flaws not being fixed in a timely fashion, which unnecessarily exposes the overall organization. 

If you still have a majority remote workforce at your organization and want to be proactive in approaching potential security issues, PK Tech can support your needs. Get in touch with us for an assessment.