1Password's annual State of Access report reveals that distracted employees are twice as likely to do the bare minimum for security at work.

December 13, 2022

5 Min Read

PRESS RELEASE

TORONTO, Dec. 13, 2022 /PRNewswire/ — 1Password, the leader in human-centric security and privacy, today released its annual State of Access Report, Distraction on overdrive: Security in a time of permacrisis. Based on a survey of 2,000 North American workers, the report explores employees' sentiments and behaviors around cybersecurity and other critical aspects of modern work amid persistent global crises this year, coined 'permacrisis.' The findings reveal that sustained burnout, now paired with high levels of distraction, has critical implications for workplace security.

"While we hope the worst of the pandemic is behind us, world events continue to unsettle and distract employees. Mishaps are inevitable – it's not a case of if world distractions will make employees more vulnerable to human error, it's a matter of when," said Jeff Shiner, CEO of 1Password. "That's why it's vital that businesses take security off people's plates by implementing seamless systems that eliminate the need for human action. The easier we can make security, the less it will become yet another distraction. It's a win-win for employees and companies."

The Distraction Vortex
Workers have faced what can feel like an avalanche of crises and concerns over the past year. From the COVID-19 pandemic to the whipsawing financial markets and inflation, workers conveyed a vivid picture of their distraction on overdrive, with 53% related to economic or monetary concerns.

  • Unprecedented stress: 4 in 5 employees (79%) feel distracted on a typical work day, with 1 in 3 employees (32%) saying they're the most stressed they've ever been in their lives.

  • A perfect storm: Top distractions include the Covid-19 pandemic (44%), recession/inflation (42%), economic uncertainty (38%), gas prices (34%), and personal relationships (29%).

  • Missing motivation: More than 1 in 4 employees (26%) say that distractions from world events make it hard to care about their job. This has major repercussions for enterprise security, with distracted workers more than twice as likely as others to do only the bare minimum for security at work (24% vs. 10%).

Security is Sinking In
Despite high-profile breaches and ransomware attacks generating splashy media headlines weekly, silver linings are evident amid the chaos. Awareness of cyberthreats is increasing, and security automation and systems are making headway, counterbalancing human shortcomings around security.

  • Rising awareness: 3 in 4 employees (76%) are aware their individual actions have an impact on their company's overall security, and 82% would care if they caused a security breach.

  • Trusted tools: Nearly 9 in 10 employees (89%) now use authentication products or services such as two-factor (2FA) or multi-factor authentication (MFA), biometrics, password managers and single sign-on.

  • Mythbusting: complexity ≠ security: There's a misperception that if security is too easy, it's not safe. Employees are three times as likely to trust two-factor or multi-factor authentication as they are to trust single sign-on (65% vs. 19%).

Security Slippage
Notable security improvements have been made in recent years, but our research shows that bad security hygiene persists in the modern workplace. Poor password habits are still prevalent, and 50% of employees say the biggest threat their company faces is the prospect of employees falling for scams or phishing attempts.

  • Senior security snafus: Poor password hygiene is notably worse among employees at the level of director and above, with 49% using personal identifiers in their passwords.

  • Password reuse: Despite knowing the risks associated, 1 in 3 employees (34%) reuse passwords.

  • Same device, different gig: One in 10 workers (10%) have used their work computers or devices for a side gig or another job – and tech workers are even worse (19%) – making companies increasingly vulnerable to security risks.

Tech Industry Trouble
Workers in the tech, IT and telecom industries reported being far more distracted compared to their non-tech counterparts. Tech workers are nearly twice as likely as others to say distractions make it hard to care about their jobs, and are more than three times as likely to do the bare minimum around security.

  • Domino effect: Nearly half (46%) of tech industry workers say that distractions from world events make it hard to care about their jobs – compared to 23% of other employees in other industries.

  • Distraction dependency: 39% of tech industry workers say their coworkers are less productive at work because they're distracted by world events – nearly twice as much as workers in other industries (20%).

  • Phoning it in with workplace security: 36% of tech industry workers say they only do the bare minimum when it comes to security at work – compared to 11% of employees in other industries.

"Every crisis creates an opportunity for criminals to exploit victims via social engineering as they take advantage of psychological weaknesses. Many of the traditional human vulnerabilities are at greater risk in a time of permacrisis; curiosity, the power of authority figures, manufactured urgency, greed and other weaknesses will continue to be used to the attackers' advantage," said Troy Hunt, strategic advisor at 1Password and founder of Have I Been Pwned. "As the level of sophistication increases, even the most tech-savvy of us can fall victim to a well-crafted attack, and it's our job in the industry to build more resilient systems and tools."

For more information, read the full report.  

About 1Password
1Password's human-centric approach to security keeps people safe, at work and at home. Our solution is built from the ground up to enable anyone – no matter the level of technical proficiency – to navigate the digital world without fear or friction. The company's award-winning credentials management security platform is re-shaping the future of authentication and is trusted by over 100,000 businesses, including IBM, Slack, Snowflake, Shopify and Under Armour. 1Password protects the most sensitive information of millions of individuals and families across the globe, helping consumers and businesses get more done in less time – with security and privacy as a given. Learn more at 1Password.com.

Methodology
1Password conducted this research using an online survey prepared by Method Research and distributed by Dynata among n=2,000 adults ages 18+ in North America (n=1,400 U.S. + n=600 Canada) who work full-time primarily at a computer. The sample consisted of respondents from any department and title within their company. The sample was equally split between gender groups with a balanced spread across age groups. Data was collected from October 14 to October 24, 2022.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars
Events
More Events

Editor's Choice

Kuala Lumpur, Malaysia, skyline against the harbor at sunrise
Cyber Risk
Licensed to Bill? Nations Mandate Certification & Licensure of Cybersecurity ProsLicensed to Bill? Nations Mandate Certification of Cybersecurity Pros
byRobert Lemos, Contributing Writer
Apr 23, 2024
4 Min Read
MITRE Corp's logo in blue
Endpoint Security
MITRE ATT&CKED: InfoSec's Most Trusted Name Falls to Ivanti BugsMITRE ATT&CKED: InfoSec's Most Trusted Name Falls to Ivanti Bugs
byNate Nelson, Contributing Writer
Apr 22, 2024
3 Min Read
A toddy cat (Asian palm civet) on a wooden fence, Indonesia
Cyber Risk
ToddyCat APT Is Stealing Data on 'Industrial Scale'ToddyCat APT Is Stealing Data on 'Industrial Scale'
byJai Vijayan, Contributing Writer
Apr 22, 2024
3 Min Read
Reports
More Reports
White Papers
More Whitepapers
Events
More Events