With around 90% of successful cyberattacks due to human error, Mark Brown, founder of Psybersafe, says companies should pay as much attention to training their staff as they do to their IT systems.
Businesses have always been vulnerable to fraud and today’s scammers are taking things to a different level. Not only that, but their methods and approaches change all the time, making it difficult for organizations to keep up.
The pandemic has not helped. Scammers quickly seize new opportunities and the virus was a gift. Phishing attacks using Covid-related messages increased by 600% and in a single day, Google intercepted 18 million emails that attempted to exploit our curiosity and concern about the pandemic.
Remote work has also provided, and will continue to provide, hackers and scammers a great opportunity to do more business. That’s because our habits change when we work from home. We no longer get the everyday psychological cues that put us in a ‘safety first’ frame of mind, things like key passes to enter the office, not signing in or logging out. Not seeing other people lock their laptops when they leave their desks, and there are no big warning signs about cybersecurity from IT.
Given the loss of these signals, we tend to be more relaxed at home. And hackers know it. Our Wi-Fi connections are less secure. We are more likely to be distracted and may not report concerns as quickly as we would have in the past.
Cybersecurity and remote work
What does this mean for organizations considering hybrid work? Basically, it means that you need to do everything you can to make sure your employees take cybersecurity seriously, regardless of where they work. Below we’ve shared the top five ways a hacker could get into your systems and what you can do to try and prevent them.
Risk 1: mishandled company data
Your company is subject to the British equivalent of the GDPR, regardless of the location of your employees. Personal email accounts are often easier to hack than corporate email accounts, and even a hard copy on paper can be potentially harmful.
Make sure that employees do not send company or customer data to their personal email accounts, or display or print it if they are using a shared workspace.
Risk 2: open Wi-Fi networks
Remote workers are likely working on your home Wi-Fi connection or in a shared space. If Wi-Fi isn’t secure enough, hackers can easily access the laptops, tablets, and phones that use it.
Make sure employees configure their home network with WPA2 (Wi-Fi Protected Access 2), a network security technology commonly used in Wi-Fi wireless networks and used on all Wi-Fi hardware since 2006, which encrypts data as it is transmit.
It is also a good idea to recommend changing the router’s default password to something much more secure, preferably a password that is at least 15 characters long and includes letters and special characters like * & ^% $.
Risk 3: control the hardware
Personal devices often do not have the same level of security protection as business devices. Hence, hackers will look for people using their own devices. They are easier to hack and that means higher and better performance for the hacker.
Make sure, whenever you can, you provide the devices your employees use and that those devices have the best possible protection. Abandon Bring Your Own Devices Policies If You Can.
Risk 4: cybersecurity is forgotten
As we already said, the normal signals for cyber-safe behavior do not exist at home. This means that people tend to be more relaxed, and that presents a real opportunity for a scammer.
Be sure to message regularly – through emails, team video meetings, and training – to keep cyber security in mind. Get your people used to checking for anything unexpected, from email attachments to text messages, to keep surveillance levels high.
Risk 5: people don’t know what to look for
“It will never happen to me” is the first step towards cyber disaster. Clicking on a phishing link or opening a seemingly innocent attachment takes less than a second, and we are all at risk of doing so. Scams are sophisticated and look authentic, that’s why they work.
Make sure your people know what to look for. And more than that, make sure they behave correctly in the face of potential cyber scams, so that working safely becomes a habit, not an exception.
The importance of employee vigilance
It doesn’t really matter how you plan to work in the future. Wherever you are located, your people could be the target of a cyber scam. As long as scams continue to work and make money for hackers, and hackers make millions from their activities, it is still vital that people have the tools and behaviors they need to detect potential problems and protect both individual data and data. of your organization.
Flexible working is here to stay, and while that makes your organization potentially more vulnerable to cyberattacks, you should see it as an opportunity. Just be sure to give cyber security the time and attention it deserves, and that means paying attention to training your staff and ensuring your IT systems are secure.
Remember, about 90% of successful attacks are due to human error. Now is the perfect time for organizations to do what they can to avoid being part of those statistics.