The attitude toward security by employees is worsening according to results from a survey conducted by ESET.

Back in 2014 a similar survey asked employees if they reused passwords across accounts. At the time, 56 percent of employees admitted to doing this.

Fast forward to 2018 and 75 percent of employees surveyed admitted to reusing passwords across accounts.

One might think that the younger work force would be a bit wiser when it comes to security but in fact ESET reports that 87 percent of respondents between 18 and 25 admitted to duplicating passwords. Nearly 50 percent of respondents reuse passwords across work and personal accounts.

The practice of shadow IT is also growing at an alarming rate according to the survey.

Shadow IT is defined as “the use of IT-related hardware or software by a department or individual without the knowledge of the IT or security group within the organization. It can encompass cloud services, software, and hardware,” according to Cisco.

As relates to this survey, 31 percent of respondents admitted to deploying software without the authorisation of the IT department. This is a 20 percent increase from 2014.

What’s more is that 55 percent of respondents say that the IT department is a source of inconvenience.

“Even in the absence of malicious intentions, however, intentionally skimping on security adds to the range of myriad risks that not only large organisations face at present,” chief executive officer at ESET South Africa, Carey van Vlaanderen.

“This is unfolding against the backdrop of challenges introduced by ongoing digital transformation and efforts of businesses to keep up with the requirement of today’s digital era,” she adds.

The disconnect between IT departments and employees is worsening and employees must be educated about the dangers of reusing passwords and deploying software without IT’s approval.

In fact the rift between the employees and the IT department is so bad that 13 percent of respondents said they would not alert the IT team if they suspected they had been hacked. Building off of that, 49 percent of employees surveyed said they would blame IT in the event of a cyberattack executed by way of an employee being hacked.

Everybody in a firm has a role to play in security and while the buck might stop at the IT department for some, perhaps companies should be spending a bit more time explaining what responsibilities an employee has when it comes to cybersecurity.

[Image – CC 0 Pixabay]