Workforce cyber knowledge: impacted by furlough
08:00 Monday, 02 August 2021
UK Cyber Security Council
As the government’s pandemic-inspired furlough scheme winds down and more people finally return to work, it’s an appropriate time to revisit a November 2020 report from security firm KnowBe4, which revealed that 37% of workers returning from Covid-19-related furlough had received any form of security awareness training in the last year.
The report “Furloughed Workers: A Second Wave, a Second Look” surveyed 1,000 employees in the UK and the Republic of Ireland who use email in their roles and had been placed on furlough during the pandemic. The report also points out that a quarter of respondents indicated that they had received at least one “phishing” email directly relating to Covid-19 or the furlough scheme.
It also looks specifically at users’ activity on their return to work post-furlough. Only 13% said they had reported a suspicious email that they found in their inbox on their return, while slightly more - 14% - took what Knowbe4 terms the “nuclear option”: to delete the contents of their inboxes (or hive them off to an archive) and begin from scratch.
The report goes on to look at the training users had received whilst on furlough, noting that although day-to-day work was not permitted under the rules of furlough, employees were still permitted to undertake employer-provided training. 22% said that they had done some employer-led security awareness training, with a further 13% doing similar training off their own bats.
“Unfortunately”, continues the report, “41% of respondents stated that their company has never offered a security awareness training course”.