Even as companies have increased investment in cybersecurity, the vulnerability of stressed employees often is not addressed, Harvard Business Review reported Jan. 20.
The authors of the report spoke to 330 remote employees and surveyed them on their stress levels as well as their adherence to company security policies. One conclusion the researchers drew: When employees skirt company security rules, vulnerabilities are created in the system that can be exploited by hackers.
The survey found that on average, workers failed to comply with cybersecurity policies roughly once in every 20 tasks. In 85 percent of the cases where employees willingly broke company rules, they said they did so to better accomplish tasks, gain access to necessary information or help others finish their work.
Employees surveyed were also much more likely to break cybersecurity protocols on days when they were more stressed. In addition, some respondents were more likely to break the rules when they thought following them would reduce their productivity.
The authors then recommend that to minimize the cause of many cyberattacks, company leaders should ensure that employees have a healthy environment with minimized stress. Employees with a more manageable workload and who are less stressed may be less likely to flout policies to get work done.