Table of Contents
The Harvard Business Review conducted a survey of more than 330 remote employees from a wide range of industries to self-report on both their daily stress levels and their adherence to cybersecurity policies over the duration of two weeks.
Employee Stress Leads to Failure of Cybersecurity Policies
HBR found that across its sample, adherence to security conventions was intermittent. During the 10 workdays HBR studied, 67% of the participants reported failing to fully adhere to cybersecurity policies at least once, with an average failure-to-comply rate of once out of every 20 job tasks.
But what led to those breaches in protocol? When asked why they failed to follow security policies, the participants’ top three responses were:
These three responses accounted for 85% of the cases in which employees knowingly broke the rules. In contrast, employees reported a malicious desire to cause harm in only 3% of policy breaches — making non-malicious breaches (i.e., those motivated purely by the need to get work done) 28 times more common than retaliatory ones.
A Paradigm Shift in Cybersecurity Philosophy
Against this backdrop, the imperative for organizations to fortify their cybersecurity measures becomes even more pronounced. In the modern cybersecurity landscape, where every employee potentially serves as a threat vector, the need for technical and business leaders to comprehend the underlying factors contributing to non-compliance is paramount.
The Harvard Business Review’s analysis underscores ..
Support the originator by clicking the read the rest link below.
