More than 60 % of Australian employees admit to bypassing their company’s security policies for comfort, according to id security contractor CyberArk. Additionally, many people use non-secure specific equipment to access work programs.
The CyberArk 2024 Employee Risk Survey, which polled 14, 003 employees across the U. S., U. K., France, Germany, Australia, and Singapore in October 2024, revealed that American workers typically agree more with security policies than other countries.
Nevertheless, most are still bypassing computer plans to make their lives easier. Popular workarounds discovered by American employees included using one login across multiple accounts, using individual devices as WiFi hotspots, and forward business emails to personal accounts.
Notice: American employees choosing comfort, speed over digital security
According to CyberArk’s CEO Matt Cohen, the entire findings of the report reveal that “high-risk access is dispersed throughout every work role,” possibly putting sensitive organisational data at greater risk.
American workers have access to sensitive information from individual devices.
According to the CyberArk report, the majority of Australian employees ( 80 % ) use personal devices that frequently lack adequate security controls to access business-critical data on their personal devices. This level of personal computer consumption is considerably higher than the average of 60 % worldwide.
The most prevalent use of personal devices to access work applications was found to be by marketing departments (93 % ), followed by IT teams (93 % ). Concerningly, more than half ( 52 % ) of entry-level employees already had access to critical data with the workplace tools they used.
Australians are among the slowest to upgrade their personal unit security
When vendors release firmware improvements or security patches for their personal or Personal devices, American workers were found to be among the slowest to do so worldwide.
Over a third ( 36 % ) of employees surveyed said they do not install security patches or software updates for all of their personal devices right away. In contrast, 26 % disagreed they generally use a VPN when they access function assets, increasing the risk of attacks.
Employees are a lot more likely to have access to actions that are useful for attackers.
According to the report, numerous different employees can accomplish tasks that would be viewed as extremely valuable by hackers stealing their accounts by having common privileged access to systems:
- 40 % of worldwide respondents said they regularly download user data.
- 33 % of people are capable of changing sensitive or important files.
- 30 % is review big financial transactions.
American workers have a problem with password modify policies.
Password utilize was even common worldwide. According to the report, 49 % of the respondents ‘ login certificates were used for a variety of work-related programs. 33 % of Australian employees choose to log into both personal and business applications and services using the same password qualifications.
Globally, 41 % of surveyed people said they have shared workplace-specific personal data with outside events, which CyberArk said heightened the risk of safety leaks and vulnerabilities.
SEE: The pace of passkey adoption is lagging in Australia
Worldwide, productivity is being prioritized over cybersecurity policies.
Employees around the world are also avoiding cybersecurity regulations to avoid conflict. Among global respondents to CyberArk’s survey:
- 20 % were using personal devices as Wi-Fi hotspots.
- 18 % avoided updating because it took too long.
- 18 % use personal devices regularly instead of company-issued ones.
- 17 % forward corporate emails to personal email accounts.
Some Australian employees don’t follow the rules for using AI tools.
It was discovered that more than 66 % of Australian workers were using AI tools. However, CyberArk cautioned that AI tools can introduce new vulnerabilities, such as when a worker uses sensitive data inside of them.
Nearly 25 % of Australian employees admit to occasionally using AI tools that are unapproved or unmanaged by the organization. This behavior seems to be occurring among Australian employees.
SEE: Splunk urges Australian businesses to obtain LLMs.
Additionally, over a third ( 33 % ) of Australian employees say they either “only sometimes” or “never” adhere to guidelines on handling sensitive information in their use of AI tools.
IT and security experts advise employees to follow best practices.
Post-authentication breaches are expected to become even more frequent as Australian organizations continue to move workflows to the cloud, according to Thomas Fikentscher, CyberArk’s area vice president for ANZ. He argued that businesses shouldn’t rely solely on MFA to stop deceptive activity.
Additionally, according to the CyberArk report, organizations should adopt strategies that empower rather than slow down risky employee behaviors. Security teams must acknowledge that AI is still relevant and that future security controls should be upgraded to take into account AI use in light of the rapid growth in AI use, according to CyberArk.
