‘Fear Fatigue’ Threatens Cybersecurity of Employees Working from Home

Malwarebytes, a leader in real-time cyber protection, announced the findings from its latest survey examining how the impact of the global pandemic and an increasing hybrid workforce is impacting cybersecurity and changing the face of work environments forever, particularly small to medium sized businesses.

“While organizations showed great versatility in shifting to dispersed work environments during the pandemic, it also brought to light the need for an entirely different and more robust approach to security that offers more education and support to employees,” said Adam Kujawa, director of Malwarebytes Labs. “We have more threats coming through on less secure personal networks and a rise in brute force attacks to reach businesses through remote desktop protocols. We need a holistic approach that secures employees no matter what network they are on or what device they are using.”

In the spring of 2020 as the COVID-19 pandemic was beginning, Malwarebytes surveyed 200 IT decision makers (ITDMs) and C-level executives about how the lockdowns affected their cybersecurity practices. Now, 18 months later, Malwarebytes surveyed ITDMs and C-suite executives again. The report, “Still Enduring from Home,” reveals how the ongoing pandemic and resulting remote and hybrid workforce is reshaping how organizations and employees secure data as well as their feelings about cyberthreats.

The new data suggests complacency brought about by fear fatigue is a growing threat for cybercrime and data loss:

  • Malwarebytes’ survey found 61 percent acknowledge that employees experiencing fear fatigue, with 27 percent feeling particularly overwhelmed by fear.
  • Almost 80 percent of respondents reported some level of jadedness or “fear fatigue” within their organization.

Defined as the “demotivation to follow recommended protective behaviors, emerging gradually over time and affected by a number of emotions, experiences, and perceptions, fear fatigue can lead to careless behavior, such as opening an email attachment without properly scrutinizing the sender or neglecting to turn on a VPN while using public WiFi.

Despite the challenges of remote work, ITDMs continued to be confident in employees following security best practices:

  • Most respondents (61 percent) said they think their employees are “very aware” or “acutely aware” of the cybersecurity best practices, only a slight decrease from the initial report of 64 percent.
  • The survey revealed only a small group reported that their employees “don’t care enough” about cybersecurity best practices (3 percent) and a few employees who are considered “reckless” (1.5 percent). While small, this population still poses a large risk as an organization’s cybersecurity posture is only as strong as its weakest link.
  • Hybrid work environments have driven changes in spending on cyber protection:
  • More than 70 percent of respondents said they now spend more on cybersecurity tools, cloud-based software tools, and IT support and management staff.


  • 71 percent saw an increase in the use of password management tools
  • 66 percent reported an increase in the use of VPNs
  • 65 percent increased their use of data management and backup platforms

Despite the increase in spending on cybersecurity tools, 62 percent were concerned about accidentally exposing data, while 51 percent harbored concerns that cloud-based collaboration tools may not offer adequate security especially as use increased significantly.

A significant number (60 percent) also reported spending more on hardware, which is consistent with increased hardware spending in the original report (62 percent) at the beginning of the pandemic, when many organizations provided hardware for remote work environments.

Despite many businesses allowing employees to work remotely for more than 18 months, the use of personal devices by employees for work-related tasks remains rampant with 58 percent of ITDMs reporting that employees are using personal devices to work in some capacity.

To learn more about Malwarebytes report, “Still Enduring From Home,” visit: https:// www.malwarebytes.com/resources/still-enduring-from-home/index.html