Employees Lack Cyber Protection In Lockdown

Uploaded on 2020-05-20 in NEWS-News Analysis, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

The effects of the Coronavirus epidemic has blurred the distinction between work and private life for many new remote workers and the shared technology that connects both brings increasing threats to our cybersecurity. 

Part of the problem is security processes that come as second nature in the office environment can easily be forgotten at home, especially when using your own devices. Working from home has boomed during the coronavirus outbreak, but a new survey reports that 73 percent of employees had not received cybersecurity guidance for remote working.

Phishing emails related to COVID-19, increased spam, connecting to compromised WiFi spots and the use of shadow IT by employees were some of the threats and risks of homeworking identified by the survey, which interviewed 6,000 people around the world. 

Accidentally downloading malicious content from an email could lead to devices being infected and business data being compromised.

While it is primarily an employer’s responsibility to ensure that its business can safely continue remotely, employees also have a part to play. Using strong passwords and making use of two-factor authentication for all devices and accounts is a good starting point.

In order to promote secure remote working the experts at Kaspersky recommend that employees know who to contact when facing a security issue, employers should pay special attention to employees who had to work from personal devices and provide them with dedicated policy and security recommendations. 

Also very importantly they should schedule basic security awareness training online, and cover essential practices such as switching on password protection, encrypting work devices and ensuring data was backed up. “The need for teleworking is proliferating amid COVID-19, and getting momentum with the exponential escalation of infected cases and mortalities around the world,” Muhammad Khurram Khan, a cyber security professor at King Saud University in Riyadh, told Arab News.

Home networks were often less secure than internal networks of organisations and could put employees at greater risk of cyber-attacks, with the majority of people never being trained to work remotely in a secure manner during an unexpected situation, added Khan, who is also the founder and CEO of the Global Foundation for Cyber Studies & Research.

Organisations forced to work remotely due to COVID-19 are risking unprecedented cyber security threats from malicious actors.​

Business organisations were more focused on improving the technology and processes while overlooking the human aspect, which was considered to be the weakest link in the security chain. Statistics showed that an alarming percentage of data breaches occurred as a result of human error and the negligence of basic cyber security practices and awareness, he said, so cybersecurity should be considered a critical business issue. 

An effective cyber security awareness program and guidelines specifically designed for teleworking could help reduce the risk of cyber threats aimed at exploiting the human element.

Khan suggested that organisations train and educate their employees about good cyber hygiene practices such as keeping all software up to date, installing a home firewall and antivirus software, using secure Wi-Fi, choosing strong passwords, enabling multi-factor authentication, backing up data regularly, being wary of COVID-19 scams. 

  • They should also report any suspicious incidents, and being vigilant of all unsolicited emails and attachments, which could contain malicious software or could be used for phishing scams.
  • Many workers are significantly more stressed and anxious than normal. This can increase vulnerabilities and could leave workers more susceptible to scams.
  • Remote workers need to be alert to phishing emails and avoid sharing personal or financial information with an unknown source.

Verdict:         INews:       Arab News

For a cost-effective  Cyber Audit Report on your organisation’s cyber security and cyber training please contact Cyber Security Intelligence and we will recommend the right cyber training and audit for your organisation. 

You Might Also Read:

Lockdown Security Apathy Could Be A Big Risk

 

 


 

 

« Nine Million EasyJet Customers Hacked
Paying Cybercriminals A Ransom Will Double Your Recovery Costs »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

FDM Group

FDM Group

FDM Group is an international Professional services company with a focus on IT. Services offered include Software Testing, and Information Security with a focus on operational security and compliance.

Atea

Atea

Atea is the market leader in IT infrastructure for businesses and public-sector organizations in Europe’s Nordic and Baltic regions.

Towergate Insurance

Towergate Insurance

Towergate Insurance is a leading UK specialist insurance broker. Business products include Cyber Liability Insurance.

Virsec Systems

Virsec Systems

Virsec detects and remediates previously “indefensible” advanced memory-based attacks on critical applications and server endpoints.

Ponemon Institute

Ponemon Institute

Ponemon Institute conducts independent research on data protection and emerging information technologies.

Agility Networks

Agility Networks

Agility Networks is a technology company providing integrated services and solutions for Digital Transformation and Cyber Security.

DKBInnovative

DKBInnovative

DKBinnovative is a best-practice driven IT management firm that provides secure, reliable IT solutions to productivity-focused clients around the globe.

VCG Group

VCG Group

VCG provides everything you need for the design, implementation and management of data centres, cyber-secure enterprise networks, cloud and connectivity services.

PT Prima Cyber Solusi

PT Prima Cyber Solusi

PT Prima Cyber Solusi is focused on protecting your business from the massive and devastating impacts that cyber-attacks may cause.

IoTeX

IoTeX

Building the connected world. IoTeX is a fast, secure, and decentralized platform that connects real world devices/data to the blockchain.

Cyber Defense Technologies (CDT)

Cyber Defense Technologies (CDT)

Cyber Defense Technologies provides services and turn-key solutions to secure and maintain the integrity of your organization’s systems and data against attacks.

1Touch.io

1Touch.io

1touch.io Inventa is an AI-based, sustainable data discovery and classification platform that provides automated, near real-time discovery, mapping, and cataloging of all sensitive data.

N2K Networks

N2K Networks

N2K Networks is the world’s first “news to knowledge” network. The news to knowledge network is how you stay at the cutting edge in a rapidly changing world.

UK Cyber Cluster Collaboration (UKC3)

UK Cyber Cluster Collaboration (UKC3)

UKC3 has been launched to support Cyber Clusters and encourage greater collaboration across regions and nations of the UK.

Blockfence

Blockfence

Blockfence are a seasoned crew versed in enterprise-grade cybersecurity and crypto, on a mission to collaboratively shape the future of Web3 security.

Kong

Kong

Kong - powering the API world. Increase developer productivity, security, and performance at scale with the unified platform for API management, service mesh, and ingress controller.