With more remote working in sectors and businesses which are not used to it, the risk of cyber-attacks has increased as opportunists seek to exploit weaknesses. There has been a significant rise in attacks, particularly in phishing activity, malicious attachments and ransomware strains since Covid-19 pushed the nation into lockdown.
According to Beaming (a specialist internet service provider), each UK business faced on average 686,961 attempts to breach its systems online in 2020, making last year the busiest on record for cyber-attacks.
While remote working systems offer flexibility and great benefits for businesses (and their employees), these stats show that vigilance and awareness of cyber risks when working outside the office is imperative for businesses to survive the pandemic and come out of it stronger.
Your business’ most valuable assets are likely to be intangible:
- Intellectual property or technical know-how
- Customer (and to a lesser extent, supplier) databases
- Bespoke contacts
- Pricing structure/profit margin.
With remote working typically carried out over the internet and mobile devices, which have less oversight by your internal IT teams, the transfer and storage of valuable information to less secure devices provide more opportunities for cyber-attackers to subvert security controls.
The loss or unauthorised disclosure of any of the above intangible assets can bring a business to its knees. Robust firewalls, watermarking of documents, and effective digital use policies and processes can all help to mitigate such risks, but what can you do if the worst happens?
Steven Murray, dispute resolution partner at Harrison Clark Rickerbys and cybersecurity expert, offers guidance on how to educate your staff and minimise the risks.
- Review your business incident management plans
Plans should be clear, flexible, and deal with the wide range of security incidents that could occur, including the compromise of user authentication credentials or loss/theft of mobile devices. If you have not done so already, set up an incident response team who can provide training to prevent loss and specialist advice when such an event occurs.
- Educate your colleagues
Any system’s efficiency greatly depends on those using it. Remote workers will have varying technology know-how and you should consider producing ‘How to’ guides. All workers should be trained on the use of mobile devices (including being aware of their working environment and avoiding the use of ‘free’ public Wi-Fi) as well as on secure data storage and management of user authentication credentials (not using the same password for all systems or a password that can be easily guessed – for example replace ‘a’ with ‘@’, ‘E’ with ‘3’ or use ‘5’ in place of ‘s’).
- Maintain awareness
Make sure your staff know how to identify potentially suspicious or fraudulent communications and how to report incidents. The National Cyber Security Centre advises you to look out for:
- purported authority of sender
- urgency of response required
- emotion (does the message make you panic, feel scared, or tease your curiosity?)
- scarcity (are you being offered something exclusive?)
- current events (are you expecting this message?).
- Encrypt data in transit
All data exchanged between a remote worker and the business network should be appropriately encrypted. Using a VPN allows remote workers to securely access your business’ email and file services through an encrypted network connection. It minimises the risk of cyber-attackers being able to intercept data from the source back to the business network. Consider if your systems can move to multi-factor authentication.
- Minimise information stored
The amount of information stored on a mobile device itself should be kept to a minimum and such mobile devices should always be encrypted.
- Use mobile device management software to minimise harm if incidents occur
Devices should include tools to enable businesses to remotely prohibit access to that device; erase or retrieve the data stored on it; or deny that device access to the business network.
- Update and patch
All software including VPNs must be fully updated and patched in order to ensure there are no gaps in the security these offer. Some of the most expensive attacks occurred because the software was not updated, and a security weakness was exploited.
- Insure, sensibly
The cost of repairing your business, and the loss suffered while your systems have been out of use, will be far more than any premium. However, it is important to ensure the insurance policy you buy is fit for purpose. Does it cover business interruption due to a cyber-attack, will it cover the cost of data restoration, or the payment of any ransom? You should consult with an experienced broker to ensure you have the right policy and sufficient cover.
Even though restrictions will be easing over the coming months, it is unlikely cyber-attackers will ease off. It is therefore important to remain vigilant whether you return to the office or continue to work from home.
For more advice or help, please contact Steven Murray at firstname.lastname@example.org