Where do you draw the line for your organization’s cyber protection? At the perimeter of your building? At the limits of your physical infrastructure? Or out to all company-issued endpoint devices, wherever they may be?

BlackBerry recently conducted new research in Europe revealing key gaps in organizational security, particularly those related to remote employees. Findings indicate that corporate endpoint devices deployed in employees’ homes frequently share networks with a growing number of “smart” — and potentially insecure — domestic devices. We further found that remote employees do not prioritize security when they purchase IoT (Internet of Things) devices for their homes. (See the BlackBerry infographic for more research detail). 

Let’s look at some of the results of the study, where BlackBerry asked 4,000 homeworking employees across the UK, France, Germany, and the Netherlands for insight on their smart device purchase decisions, and provision for home security by their organizations. The results highlight a substantial – and growing – gap in cybersecurity protection.

Across Europe, consumers are adopting and installing a record number of new smart technologies in the home – from connected appliances to electric vehicle (EV) charging stations, to wireless security cameras, doorbells, and thermostats. 

In the Netherlands, 4.5 million households implemented smart devices at home in the past year. In the UK, more than 15 million households installed a smart utility meter to monitor their own electricity usage — following a 2021 energy crisis where prices surged. And in Germany, homeowners are implementing smart thermostats that promise cost and energy savings of 20% or more.

At the same time, the research reveals that cost-conscious buyers fail to prioritize security in their smart device purchases. 

75% say their employers have taken no steps at all to secure their home internet connections or to provide software protection for home devices. 

Together, this can dramatically heighten the risk of cyberattacks for both businesses and their employees, as hybrid and home-based working become the norm. When consumers drop their guard to focus on price, and businesses don’t extend their security cover to compensate, cybercriminals can take advantage of these unsecured access points. That can lead to the theft of valuable personal and corporate data.

As the diversity and complexity of the IoT ecosystem increases, so does the opportunity for cyberattacks. European Commission President Ursula von der Leyen summed it up during remarks on cybersecurity: “If everything is connected, everything can be hacked.”

Even the most innocent of home devices can allow bad actors to access home networks — often with connections to company-owned devices, or company data residing on consumer devices — leaving organizations vulnerable. Our research reveals that too often, the responsibility to safeguard these connected devices is left to the employee and device manufacturers.

Adding to this challenge is the recent global hike in the cost of living, along with escalating geopolitical conflicts and a growing cybersecurity insurance gap. Past developments, similar to these, created the ideal recipe for increased cyberattacks. For example, cybercrime increased during both the global financial crisis of 2008-2009 and again during the height of the COVID-19 pandemic.

Such periods of economic instability and social disruption tend to compound the challenge of implementing more effective cybersecurity, and the current proliferation of hybrid and home working practices — especially in homes that are getting “smarter,” but not necessarily more cybersecure — means we may experience a similar spike in cyberattacks during the coming months

Crucially, organizations need to include devices beyond their immediate reach as they consider their cybersecurity protection while preparing for challenging economic times ahead.

How can organizations help close this work-from-home cybersecurity gap? Here are three places to start:

Hans-Peter Bauer is Senior Vice President EMEA, at BlackBerry.

© 2022 BlackBerry Limited. All rights reserved.