Despite Being Aware of the Risks, Almost Half of Workers Admit to Opening Emails They Considered to be Suspicious

Nov 02, 2020

Despite Being Aware of the Risks, Almost Half of Workers Admit to Opening Emails They Considered to be Suspicious Image

Earlier this week new research by Mimecast Research, an email security and cyber resilience company, reported staggering numbers regarding risky behavior by employees using company-issued devices. Most alarming was that despite 96% of respondents claiming to be aware that links in emails, social media sites, and websites can potentially infect their devices, 45% of respondents admitted to opening emails that they considered suspicious. This is also in spite of almost two-thirds of surveyed employees (64%) receiving cybersecurity awareness training related to working remotely during the COVID-19 pandemic.

A shift to remote-work has exacerbated an existing problem, the blurring of personal and professional conduct on company devices, with approximately 60% of respondents increasing the frequency at which they use company devices for personal use. This has put companies at greater risk of compromise. Activities such as checking personal email (47% of respondents), carrying out financial transactions (38% of respondents), and online shopping (35% of respondents) unnecessarily increase the number of interactions employees have with potentially malicious material.

Although most of these employees can recognize suspicious material and receive some form of training on the subject, they are still clicking on suspicious content. Now remote-work is exacerbating the problem, so what is the solution? To find the solution, it’s important to understand why employees are putting themselves and their companies at risk. Is it curiosity? Is it a lack of awareness? It is more than likely a result of poor or inconsistent training. When it comes to cybersecurity awareness training, not all programs are created equal. This is why Secuvant offers a managed information security awareness and anti-phishing training solution. We work with organizations to custom-tailor the solution to meet their needs based on their specific industry or platforms the organization uses. This level of support and attention to detail is essential if organizations want to help their employees combat the frequency and sophistication of modern cyber-attacks.

About Secuvant

Located in Salt Lake City, Utah, Secuvant is a global leader in integrated cyber threat analytics and risk advisory services, built on a value system of client focus, integrity, accountability, execution, and teamwork. Secuvant’s mission is to provide clients with a Clear Path Forward in their pursuit of establishing an acceptable security risk posture. Secuvant’s success is built upon strict adherence to its values, a functioning world-class advisory board, the unique combination of cybersecurity expertise and industry / vertical specialization, and a team of experts that repeatedly deliver best-in-class managed and advisory cybersecurity and risk services. Secuvant understands Cyber Risk is Business Risk™ and uses methodologies and metrics aimed at minimizing business risk. Services include, but are not limited to, Security Gap and Risk Assessments, Risk Program Management, Executive and Board Cyber Advisory, Penetration Testing, Security Monitoring, Managed Detection and Response and Incident Response services. To learn more visit