Employees Lack Cyber Protection In Lockdown

The effects of the Coronavirus epidemic has blurred the distinction between work and private life for many new remote workers and the shared technology that connects both brings increasing threats to our cybersecurity. 

Part of the problem is security processes that come as second nature in the office environment can easily be forgotten at home, especially when using your own devices. Working from home has boomed during the coronavirus outbreak, but a new survey reports that 73 percent of employees had not received cybersecurity guidance for remote working.

Phishing emails related to COVID-19, increased spam, connecting to compromised WiFi spots and the use of shadow IT by employees were some of the threats and risks of homeworking identified by the survey, which interviewed 6,000 people around the world. 

Accidentally downloading malicious content from an email could lead to devices being infected and business data being compromised.

While it is primarily an employer’s responsibility to ensure that its business can safely continue remotely, employees also have a part to play. Using strong passwords and making use of two-factor authentication for all devices and accounts is a good starting point.

In order to promote secure remote working the experts at Kaspersky recommend that employees know who to contact when facing a security issue, employers should pay special attention to employees who had to work from personal devices and provide them with dedicated policy and security recommendations. 

Also very importantly they should schedule basic security awareness training online, and cover essential practices such as switching on password protection, encrypting work devices and ensuring data was backed up. “The need for teleworking is proliferating amid COVID-19, and getting momentum with the exponential escalation of infected cases and mortalities around the world,” Muhammad Khurram Khan, a cyber security professor at King Saud University in Riyadh, told Arab News.

Home networks were often less secure than internal networks of organisations and could put employees at greater risk of cyber-attacks, with the majority of people never being trained to work remotely in a secure manner during an unexpected situation, added Khan, who is also the founder and CEO of the Global Foundation for Cyber Studies & Research.

Organisations forced to work remotely due to COVID-19 are risking unprecedented cyber security threats from malicious actors.​

Business organisations were more focused on improving the technology and processes while overlooking the human aspect, which was considered to be the weakest link in the security chain. Statistics showed that an alarming percentage of data breaches occurred as a result of human error and the negligence of basic cyber security practices and awareness, he said, so cybersecurity should be considered a critical business issue. 

An effective cyber security awareness program and guidelines specifically designed for teleworking could help reduce the risk of cyber threats aimed at exploiting the human element.

Khan suggested that organisations train and educate their employees about good cyber hygiene practices such as keeping all software up to date, installing a home firewall and antivirus software, using secure Wi-Fi, choosing strong passwords, enabling multi-factor authentication, backing up data regularly, being wary of COVID-19 scams. 

  • They should also report any suspicious incidents, and being vigilant of all unsolicited emails and attachments, which could contain malicious software or could be used for phishing scams.
  • Many workers are significantly more stressed and anxious than normal. This can increase vulnerabilities and could leave workers more susceptible to scams.
  • Remote workers need to be alert to phishing emails and avoid sharing personal or financial information with an unknown source.

Verdict:         INews:       Arab News

For a cost-effective  Cyber Audit Report on your organisation’s cyber security and cyber training please contact Cyber Security Intelligence and we will recommend the right cyber training and audit for your organisation. 

You Might Also Read:

Lockdown Security Apathy Could Be A Big Risk

 

 


 

 

« Nine Million EasyJet Customers Hacked
Paying Cybercriminals A Ransom Will Double Your Recovery Costs »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DataGuidance

DataGuidance

DataGuidance is a platform used by privacy professionals to monitor regulatory developments, mitigate risk and achieve global compliance.

Egress Software Technologies

Egress Software Technologies

Egress Software Technologies is a leading provider of data security services designed to protect shared information throughout its lifecycle.

Granite Partners

Granite Partners

Granite is a cloud service for the development of business risk management, cyber security and privacy and occupational safety and health.

Salient CRGT

Salient CRGT

Salient CRGT is a leading provider of health, data analytics, cloud, agile software development, mobility, cyber security, and infrastructure solutions.

GreyCastle Security

GreyCastle Security

GreyCastle Security is a leading cybersecurity services provider dedicated exclusively to cybersecurity and the practical management of cybersecurity risks.

Sanderson Recruitment

Sanderson Recruitment

Sanderson is a recruitment company providing expert recruitment services in areas including Cyber & Information Security.

OCM Business Systems

OCM Business Systems

OCM are experts in the safe, secure and responsible disposal of IT & EPoS assets.

Help AG

Help AG

Help AG provides leading enterprise businesses and governments across the Middle East with strategic consultancy combined with tailored information security solutions and services.

Profian

Profian

Profian’s hardware-based solutions maintain your data's confidentiality and integrity in use, providing true confidential computing to meet regulatory and audit requirements.

Magna5

Magna5

Magna5 is a managed IT service provider focusing in network and server monitoring, backup and disaster recovery, cybersecurity, help desk and SD-WAN.

Clearnetwork

Clearnetwork

Clearnetwork specializes in managed cybersecurity solutions that enable both public and private organizations improve their security posture affordably.

ID North

ID North

ID North is a Nordic service provider offering identity security to its customers by providing world class expertise and best-in-class solutions and services.

Zluri

Zluri

Zluri is a cloud-native SaaSOps platform enabling modern enterprises with SaaS Management and Identity Governance.

Proton

Proton

Proton provides free encrypted email, calendar, drive, password manager, and VPN services. Building a better Internet.

Clear Ridge Defense

Clear Ridge Defense

Clear Ridge was founded in April 2015 with the mission and vision to support Joint, Service Cyber Components, and commercial clients in specialized cyber support.

RELIANOID

RELIANOID

RELIANOID is an application delivery controller and load balancing system that ensures high performance and security of IT services on a massive scale.