Heightened stress and remote working lead to increase in cybersecurity challenges for businesses, finds Cyberchology paper

HR and IT teams must work together to develop cybersecurity awareness training that considers personality, particularly in times of heightened stress, finds Cyberchology: The Human Element @themyersbriggs @ESET

• 47% of people are concerned about their ability to manage stress during the coronavirus crisis

• 80% of companies say that an increased cybersecurity risk caused by human factors and personality related blind spots has posed a challenge during the pandemic

London, UK, 8 December 2020: Heightened stress and remote working have led to businesses experiencing an increased cybersecurity risk due to human factors during the COVID-19 pandemic. This is according to Cyberchology: The Human Element, a new report that explores the role employees and their personalities play in keeping organisations safe from cyber threats.

Cyberchology research investigates the attitudes of 2,000 consumers and over 100 Chief Information Security Officers in the UK, with psychological research examining the link between cybersecurity, personality, and stress in a virtual world. Cyberchology is a partnership that has been running since 2019 between ESET, a global leader in IT security, and The Myers-Briggs Company, one of the world’s leading business psychology providers.

The report found that stress affects different personality types in different ways, meaning that each individual employee has their own specific blind spot when it comes to cybersecurity. Research highlighted that nearly half of respondents were concerned about their ability to manage stress during the pandemic, and over two thirds of consumers were concerned about their cybersecurity but didn’t know what to do about it.

When stress levels are heightened, staff members may be more likely to panic and click on a malicious link or fail to report a security breach to the IT team, depending on their personality type. The paper therefore encourages businesses to implement a holistic cybersecurity strategy, devised by both HR and IT teams, that takes individual personalities into account.

John Hackston, Head of Thought Leadership at The Myers-Briggs Company, commented:

“Cybersecurity has long been thought of as the responsibility of IT departments alone, but in order to build a holistic cybersecurity strategy that accounts for the human factor, IT and HR departments must work together. Using psychometric testing and self-awareness tools, HR can help to identify the makeup of teams and pinpoint potential vulnerabilities. IT teams can use this insight to create comprehensive security protocols and a proactive cyber strategy to stay one step ahead of potential threats.”

Meanwhile, 75% of companies say that half of their business is being undertaken by employees who are now working remotely – but were not doing so before COVID-19, showing a highly dispersed current workforce. With CISOs reporting a 63% increase in cybercrime since the COVID-19 lockdown began, and remote working here to stay for many employees, businesses are more at risk than ever.

Discussing the findings of the paper, Jake Moore, Cybersecurity Specialist at ESET, stated:

“Remote working has brought greater flexibility to the workforce, but has also dramatically altered business processes and systems. The combination of fractured IT systems, a lack of central security, the sudden shift to home working, and a global climate of stress and concern is a perfect breeding ground for a successful cyberattack. The fact that only a quarter of businesses have faith in their own remote working strategy is shocking and shows there is much work to be done to secure working from home.”