Employees Lack Cyber Protection In Lockdown

Uploaded on 2020-05-20 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

The effects of the Coronavirus epidemic has blurred the distinction between work and private life for many new remote workers and the shared technology that connects both brings increasing threats to our cybersecurity. 

Part of the problem is security processes that come as second nature in the office environment can easily be forgotten at home, especially when using your own devices. Working from home has boomed during the coronavirus outbreak, but a new survey reports that 73 percent of employees had not received cybersecurity guidance for remote working.

Phishing emails related to COVID-19, increased spam, connecting to compromised WiFi spots and the use of shadow IT by employees were some of the threats and risks of homeworking identified by the survey, which interviewed 6,000 people around the world. 

Accidentally downloading malicious content from an email could lead to devices being infected and business data being compromised.

While it is primarily an employer’s responsibility to ensure that its business can safely continue remotely, employees also have a part to play. Using strong passwords and making use of two-factor authentication for all devices and accounts is a good starting point.

In order to promote secure remote working the experts at Kaspersky recommend that employees know who to contact when facing a security issue, employers should pay special attention to employees who had to work from personal devices and provide them with dedicated policy and security recommendations. 

Also very importantly they should schedule basic security awareness training online, and cover essential practices such as switching on password protection, encrypting work devices and ensuring data was backed up. “The need for teleworking is proliferating amid COVID-19, and getting momentum with the exponential escalation of infected cases and mortalities around the world,” Muhammad Khurram Khan, a cyber security professor at King Saud University in Riyadh, told Arab News.

Home networks were often less secure than internal networks of organisations and could put employees at greater risk of cyber-attacks, with the majority of people never being trained to work remotely in a secure manner during an unexpected situation, added Khan, who is also the founder and CEO of the Global Foundation for Cyber Studies & Research.

Organisations forced to work remotely due to COVID-19 are risking unprecedented cyber security threats from malicious actors.​

Business organisations were more focused on improving the technology and processes while overlooking the human aspect, which was considered to be the weakest link in the security chain. Statistics showed that an alarming percentage of data breaches occurred as a result of human error and the negligence of basic cyber security practices and awareness, he said, so cybersecurity should be considered a critical business issue. 

An effective cyber security awareness program and guidelines specifically designed for teleworking could help reduce the risk of cyber threats aimed at exploiting the human element.

Khan suggested that organisations train and educate their employees about good cyber hygiene practices such as keeping all software up to date, installing a home firewall and antivirus software, using secure Wi-Fi, choosing strong passwords, enabling multi-factor authentication, backing up data regularly, being wary of COVID-19 scams. 

  • They should also report any suspicious incidents, and being vigilant of all unsolicited emails and attachments, which could contain malicious software or could be used for phishing scams.
  • Many workers are significantly more stressed and anxious than normal. This can increase vulnerabilities and could leave workers more susceptible to scams.
  • Remote workers need to be alert to phishing emails and avoid sharing personal or financial information with an unknown source.

Verdict:         INews:       Arab News

For a cost-effective  Cyber Audit Report on your organisation’s cyber security and cyber training please contact Cyber Security Intelligence and we will recommend the right cyber training and audit for your organisation. 

You Might Also Read:

Lockdown Security Apathy Could Be A Big Risk

 

 


 

 

« Nine Million EasyJet Customers Hacked
Paying Cybercriminals A Ransom Will Double Your Recovery Costs »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Absolute Software

Absolute Software

Absolute provides persistent endpoint security and data risk management solutions for mobile devices - computers, tablets, and smartphones.

Devo Technology

Devo Technology

Devo Security Operations is a next-gen cloud SIEM that enables you to gain complete visibility, reduce noise, and focus on the threats that matter most to the business.

Ovarro

Ovarro

Ovarro is the new name for Servelec Technologies and Primayer. Ovarro's technology is used throughout the world to monitor, control and manage critical and national infrastructure.

Thomas Miller Specialty

Thomas Miller Specialty

Thomas Miller Specialty is a commercial Managing General Agency providing specialty risks insurance including Cyber & e-crime insurance.

Optiv

Optiv

Optiv is a market-leading provider of end-to-end cyber security solutions. We help clients plan, build and run successful cyber security programs that achieve business objectives.

Vector InfoTech

Vector InfoTech

Vector InfoTech is a leader in Industrial Security, Networks, IT and Telecommunications.

Proficio

Proficio

Proficio is a world-class Managed Security Service Provider providing managed detection and response solutions, 24×7 security monitoring and advanced data breach prevention services worldwide.

infySEC

infySEC

InfySEC is an information security services organization offering Security Technology services, Security Consulting, Security Training, Research & Development.

Assac Networks

Assac Networks

Assac Networks ShieldIT is an app that completely protects any BYOD smartphone from both tapping and hacking.

Enigmatos

Enigmatos

Enigmatos is an Israeli based Automotive Cyber Security company. We provide solutions to the ever growing threat of vehicle hacking.

YorCyberSec

YorCyberSec

YorCyberSec act as a trusted Cyber and Information Security broker and procurement specialist. We help companies to Reduce Risk, Increase Assurance and Improve Performance.

AML Global Solutions (AMLGS)

AML Global Solutions (AMLGS)

AMLGS delivers Financial Crime prevention training programmes and consultancy services encompassing Anti-Money Laundering (AML), Counter Terrorism Financing (CTF), Bribery & Corruption and Fraud.

Matrixforce

Matrixforce

Matrixforce is a vetted IT support provider that uses the patented Delta Method of streamlining technology for financial and professional service firms to reduce complexity and avoid risk.

Opus

Opus

Opus dramatically reduces cloud security risks by enabling teams to define, orchestrate, automate and measure remediation processes across the entire distributed organization.

GoodAccess

GoodAccess

GoodAccess is the cybersecurity platform that gives your business the security benefits of zero trust without the complexities so your users can securely access digital resources anytime, anywhere.

CyberUpgrade

CyberUpgrade

CyberUpgrade is on a mission to empower executives to gain control over their organization’s cybersecurity.