Companies open themselves to cyber attack

Two out of three companies put themselves at risk of cyber attack by not changing their passwords, according to a recent report, with construction companies among the worst offenders.

A study of 1,247 workplaces by cybersecurity experts VPNoverview.com found that two-thirds of businesses (66%) don’t have, or don’t enforce, password rotation policies.

While it is advised that you should change your password every 60-90 days, a significant number of workers (46%) confess to ignoring this advice and are therefore leaving themselves open to risk.

Of the companies that do have password rotation policies in place, 45% of employees confess that they didn’t know these policies actually existed.

Of those who did know about their company’s password protection policies, 57% revealed they do not adhere to them by regularly changing their password, and of those who do adhere, 63% simply use the same passwords on rotation.

For the companies without password rotation policies, only 7% of employees bother to regularly rotate or change their passwords.

The main reasons workers cited for not changing their passwords were: they are worried they will forget their password (57%); regularly changing passwords is annoying (48%); and they don’t see the point (45%).

When asked if they worried about the risk of a data breach due to a lack of security, 37% of education workers said it had never crossed their mind, while 28% confessed to not being concerned.

The research also found that managers and C-suite staff were more likely to not follow password rotation policies (38%), with entry-level employees not far behind (34%).

The types of businesses leaving themselves most vulnerable to cyberattacks by not regularly rotating passwords are accountancy and finance (34%), construction (31%) and education (26%).

David Janssen, security researcher and founder at VPNoverview.com, said: “Password rotation is such a simple policy that both businesses and employees can put in place to safeguard and protect their work. Changing your password every two to three months is a really effective way to deter cyberattacks, and although yes, some may find it frustrating, it could save a lot of heartache down the line.”