Posted on July 10, 2020

Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global leader in cybersecurity solutions, today released survey results that show how remote workers address cybersecurity.

More than four fifths, or 85% of remote workers in Qatar, say they are more conscious of their organisation’s cybersecurity policies since lockdown began – an improvement on the global average of 72%, but many are breaking the rules anyway due to limited understanding or resource constraints. Trend Micro’s leadership in Qatar agreed that organizations in the country have significantly increased their security awareness during the lockdown phase, creating greater business security and agility that bode well for major events set to take place in the country.

Trend Micro’s Head in the Clouds study is distilled from interviews with 13,200 remote workers across 27 countries, including remote working knowledge workers in Qatar, on their attitudes towards corporate cybersecurity and IT policies. It reveals that there has never been a better time for companies to take advantage of heightened employee cybersecurity awareness. The survey reveals that the approach businesses take to training is critical to ensure secure practices are being followed, and are ‘future-proof’ for remote business practices going forward.

The results indicate a high level of security awareness in Qatar, with 82% of respondents claiming they take instructions from their IT team seriously, and 83% agree that cybersecurity within their organisation is partly their responsibility. Additionally, 64% acknowledge that using non-work applications on a corporate device is a security risk. However, just because most people understand the risks does not mean they stick to the rules.

For example:

  • 20% of employees confirm that they usea non-work application on a corporate device without permission. 40% admit to using a non-work application on a corporate device but have asked permission from IT to do so. 42% of them have actually uploaded corporate data to that application.
  • 50% of respondents confirmed using their work laptop for personal browsing, and 81% of them fully restrict the sites they visit.
  • 24% of respondents say they often or always access corporate data from a personal device – almost certainly breaking corporate security policy.
  • 8% of respondents confirm that they play games on their work laptop, and 8% access the dark web.

Productivity still wins out over protection for many users in Qatar. A third of respondents (38%) agree that they do not give much thought to whether the apps they use are sanctioned by IT or not, as they just want the job done. Additionally, 32% think they can get away with using a non-work application, as the solutions provided by their company are ‘nonsense.’ Trend Micro’s Head in the Clouds study looks into the psychology of people’s behaviour in terms of cybersecurity, including their attitudes towards risk. It presents several common information security “personas” with the aim of helping organisations tailor their cybersecurity strategy in the right way for the right employee, including employees who take a conscientious, fearful, ignorant, or ‘daredevil’ approach to cybersecurity.

“Compliance is among the major areas of focus in security for Qatar-based organizations, and this research demonstrates that workers understand and value the need for security compliance to protect their company.  Since lockdown, we have seen a ‘zero tolerance’ approach toward security, particularly in the public sector, while organizations anticipate that they could again have a remote working scenario.  The survey results reflect that Qatari organizations are looking toward major upcoming events to ensure that they are fully prepared with the appropriate people and processes in place, from the largest public sector clients to the mid-sized and emerging businesses,” said Assad Arabi, Country Manager, Qatar at Trend Micro.

“The survey results also demonstrate that in today’s interconnected world, unashamedly ignoring cybersecurity guidance is no longer a viable option for employees in Qatar”, added Assad Arabi. “It’s encouraging to see that many employees are taking the advice from their corporate IT team seriously. Having said that, a small number of individuals may not comply with security policies, and that jeopardizes the entire organization. A ‘one size fits all’ security awareness programme is a non-starter as diligent employees may be penalised, so a tailored training programme designed to cater for employees may be more effective.”