Employees Lack Cyber Protection In Lockdown

Uploaded on 2020-05-20 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

The effects of the Coronavirus epidemic has blurred the distinction between work and private life for many new remote workers and the shared technology that connects both brings increasing threats to our cybersecurity. 

Part of the problem is security processes that come as second nature in the office environment can easily be forgotten at home, especially when using your own devices. Working from home has boomed during the coronavirus outbreak, but a new survey reports that 73 percent of employees had not received cybersecurity guidance for remote working.

Phishing emails related to COVID-19, increased spam, connecting to compromised WiFi spots and the use of shadow IT by employees were some of the threats and risks of homeworking identified by the survey, which interviewed 6,000 people around the world. 

Accidentally downloading malicious content from an email could lead to devices being infected and business data being compromised.

While it is primarily an employer’s responsibility to ensure that its business can safely continue remotely, employees also have a part to play. Using strong passwords and making use of two-factor authentication for all devices and accounts is a good starting point.

In order to promote secure remote working the experts at Kaspersky recommend that employees know who to contact when facing a security issue, employers should pay special attention to employees who had to work from personal devices and provide them with dedicated policy and security recommendations. 

Also very importantly they should schedule basic security awareness training online, and cover essential practices such as switching on password protection, encrypting work devices and ensuring data was backed up. “The need for teleworking is proliferating amid COVID-19, and getting momentum with the exponential escalation of infected cases and mortalities around the world,” Muhammad Khurram Khan, a cyber security professor at King Saud University in Riyadh, told Arab News.

Home networks were often less secure than internal networks of organisations and could put employees at greater risk of cyber-attacks, with the majority of people never being trained to work remotely in a secure manner during an unexpected situation, added Khan, who is also the founder and CEO of the Global Foundation for Cyber Studies & Research.

Organisations forced to work remotely due to COVID-19 are risking unprecedented cyber security threats from malicious actors.​

Business organisations were more focused on improving the technology and processes while overlooking the human aspect, which was considered to be the weakest link in the security chain. Statistics showed that an alarming percentage of data breaches occurred as a result of human error and the negligence of basic cyber security practices and awareness, he said, so cybersecurity should be considered a critical business issue. 

An effective cyber security awareness program and guidelines specifically designed for teleworking could help reduce the risk of cyber threats aimed at exploiting the human element.

Khan suggested that organisations train and educate their employees about good cyber hygiene practices such as keeping all software up to date, installing a home firewall and antivirus software, using secure Wi-Fi, choosing strong passwords, enabling multi-factor authentication, backing up data regularly, being wary of COVID-19 scams. 

  • They should also report any suspicious incidents, and being vigilant of all unsolicited emails and attachments, which could contain malicious software or could be used for phishing scams.
  • Many workers are significantly more stressed and anxious than normal. This can increase vulnerabilities and could leave workers more susceptible to scams.
  • Remote workers need to be alert to phishing emails and avoid sharing personal or financial information with an unknown source.

Verdict:         INews:       Arab News

For a cost-effective  Cyber Audit Report on your organisation’s cyber security and cyber training please contact Cyber Security Intelligence and we will recommend the right cyber training and audit for your organisation. 

You Might Also Read:

Lockdown Security Apathy Could Be A Big Risk

 

 


 

 

« Nine Million EasyJet Customers Hacked
Paying Cybercriminals A Ransom Will Double Your Recovery Costs »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

BH Consulting

BH Consulting

BH Consulting we are a vendor independent consulting firm providing market leading range of information security services focused on data protection and cybersecurity.

Cynet

Cynet

Cynet simplifies security by providing a rapidly deployed, comprehensive platform for detection, prevention and automated response to advanced threats with near-zero false positives.

SSH Communications Security

SSH Communications Security

SSH Communications Security is a leading provider of enterprise cybersecurity solutions for controlling trusted access to information systems and data.

Alarum Technologies

Alarum Technologies

Alarum Technologies (formerly Safe-T) is a global provider of cyber security and privacy solutions to consumers and enterprises.

PSC

PSC

PSC is a leading PCI and PA DSS assessor and Approved Scanning Vendor.

Auth0

Auth0

Auth0 is a cloud service that provides a set of unified APIs and tools that instantly enables single sign-on and user management for any application, API or IoT device.

Dragos

Dragos

Dragos has built the first industrial cybersecurity ecosystem, the ultimate security defense.

Digital Ship

Digital Ship

Digital Ship provides news, information, conferences and events focused on digital ship systems, information technology and security relating to maritime operations.

Wizlynx Group

Wizlynx Group

Wizlynx services cover the entire risk management lifecycle from security assessments and compliance to the implementation of security solutions and provision of Managed Security Services.

CloudAlly

CloudAlly

CloudAlly provides online cloud to cloud backup and recovery solutions, which backs up daily changes in your SaaS to unlimited Amazon S3 storage and makes it available for restore or export.

Lineal Services

Lineal Services

Lineal supports clients in meeting their digital forensics, cyber security and eDiscovery needs by providing bespoke solutions to complex problems.

Cytelligence

Cytelligence

Cytelligence is a cyber security consulting company with deep expertise in Cyber Breach Response, Cyber Breach Investigations, and Digital Forensics.

BlackRidge Technology

BlackRidge Technology

BlackRidge Technology develops, markets and supports a family of products that provide a next generation cyber security solution for protecting enterprise networks and cloud services.

IDECSI

IDECSI

IDECSI delivers cutting-edge technology and engages all employees in the security system for effective and cost-efficient data protection.

AirMDR

AirMDR

Designed by experts, AirMDR solutions cater to the unique demands of security operations centers.

Stratsec

Stratsec

Stratsec is a global team of experts on a mission to protect human life, well-being and the environment against cyber-driven threats.