Home Working Is A Threat To Cybersecurity

Uploaded on 2018-04-09 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Employees should avoid taking work devices and sensitive work information home with them and all charities are at risk of cyber-attacks regardless of their size or prominence, fundraisers have been warned.

Speaking at the Institute of Fundraising’s fundraising compliance conference this week, the cyber-crime expert Neil Sinclair, chief operating officer at London Digital Security Centre and formerly of GCHQ, said that there were 85 million attempts to hack computers in the UK every year and charities were potential targets.

He said many people thought that criminals would target relatively well-defended large companies or charities, whereas in reality they often focused on vulnerable smaller organisations, including many charities.

"If there is anyone at a charity who says their charity is too small or too isolated or too original to be a victim of a cyber-attack, they are lying to you," he said.

Sinclair also outlined some of the specific threats to charities and said people working from home or while commuting could be significant threat to a charity’s cyber security.

"Do you use the same devices at home as you use at work?" he asked. "Do you strictly keep those devices you use at work off your home network?

"You should use devices for work only in the workplace, on 4G or on a specific WiFi network."

For example, GCHQ did not allow personal devices to enter the workplace, Sinclair said, because they were more at risk of being hacked, and therefore could be used to record without people knowing, for example.

He also warned of using WiFi in locations such as pubs or coffee shops and said that staff should ensure they did not use sensitive company information while on digital devices that are connected to, unsecured, WiFi.

This is because it was relatively easy for criminals to replicate unsecured WiFi networks, Sinclair said, and it was therefore important to ensure the device used "forgets" the WiFi network once workers left the venue.

The trend for employees to send information to their personal devices to work on while commuting or at home also undermined cyber defences, Sinclair said, because sensitive information for the charity was being used in an environment that was outside the cyber defences the charity had in place.

He said that most cyber-attacks "are not targeted, they are random – they are fun, some of them", and people should be aware that if they use electronic devices connected to WiFi in public places they are vulnerable and "can be a victim just because you are there".

Sinclair said: "Should I really be taking my work stuff home on my own device? You shouldn’t – that’s the simple answer."

He added that many organisations were not actually carrying out their cyber strategies, with fewer than one in 100 actually having a plan that was enforced across the company.

Third Sector

You Might Also Read: 

Action Fraud: Social Media Used to Steal Charity Donations:

Charities Are Vulnerable To Severe Cyber Attacks:

 

« Fake News Will Lead To A Cyber War
Iranian Hackers Adopt New Methods »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Greensafe IT

Greensafe IT

Greensafe offer various onsite and offsite data erasure services, aimed at increasing data security whilst reducing any risk of data loss during transit.

Cyble

Cyble

Cyble Vision enables faster detection of cyber threats and focuses on identifying and analysing the motivations, methods, capabilities and tools of adversaries.

SAP National Security Services (NS2)

SAP National Security Services (NS2)

SAP NS2 are dedicated to delivering the best of SAP innovation, from cloud to predictive analytics; machine learning to data fusion.

Optimum Speciality Risks

Optimum Speciality Risks

Optimum Speciality Risks are an experienced team of cyber insurance experts, backed by Lloyds of London.

3Lines Venture Capital

3Lines Venture Capital

3Lines Venture Capital invests in exceptional founders and startups working on broad disruptive themes of Future of Work, AI enabled enterprises, and Industry 4.0.

Netpoleon Group

Netpoleon Group

Netpoleon is a leading provider of integrated security, networking solutions and value added services.

Tugboat Logic

Tugboat Logic

Tugboat Logic was created to address the skills and expertise gap in the security and compliance industry. Our goal is to simplify and automate information security management for every enterprise.

Symptai Consulting

Symptai Consulting

Symptai Consulting is a leading Cyber Security, Digital Transformation and Anti-Money Laundering firm serving the Caribbean and the wider world.

LogicMonitor

LogicMonitor

LogicMonitor provides SaaS-based IT infrastructure monitoring services for on-premises and multi-cloud environments.

PointWire

PointWire

PointWire offers a range of cybersecurity solutions and services including Penetration Testing on various levels, as well as Intrusion Detection and Prevention Systems.

Lansweeper

Lansweeper

Lansweeper is an IT Asset Management platform provider helping businesses better understand, manage and protect their IT devices and network.

Auxilion

Auxilion

Auxilion is an award-winning provider of consulting and IT support services, technologies and consulting for public and private organisations in the UK and Ireland.

Hakai Security

Hakai Security

Hakai is a consulting firm specializing in information security that offers customized services and products to meet the needs and goals of each business.

HardTarget

HardTarget

HardTarget is a cutting-edge cyber training company serving HWN (High-Net-Worth) Families and their trusted Advisors.

Elixirr

Elixirr

Elixirr is an award-winning global consulting firm working with clients across a diverse range of markets, industries and geographies.

ManagedMethods

ManagedMethods

ManagedMethods is a leading Google Workspace and Microsoft 365 data security and student safety platform for K-12 schools.