Our insurer partner Zurich explains the cyber risks associated to remote working.

According to the Global Risks Report 2020, over 50% of the world’s population is now online and approximately one million more people join the internet every day. Fourth Industrial Revolution  technologies, such as robotics, 3D printing, Artificial intelligence (AI), cloud computing, the Internet of Things (IoT) and advanced wireless technologies are already bringing remarkable economic, environmental and societal benefits across the globe. The accelerated growth of digitalisation offers many opportunities including:

• Aiding rural farmers to help maximise their crops;
• Applying 3D printing techniques to make artificial body parts/prostheses;
• Using self-driving cars to support mobility for those in later life;
• IoT helping to lower co2 gasses by optimising energy consumption and reducing traffic congestion.

What are the risks to organisations?

According to 38% of leaders surveyed in The World Economic Forum (WEF) Special Report on COVID-19, cyber-attacks and data fraud are the most likely technological risk fallouts world-wide as a result of the Coronavirus pandemic, due to for example, new working patterns or using less secure internet connections. It is however important, to be prepared for cyber-attacks when our employees are working remotely, as attacks can have a massive impact on a businesses’ finances, reputation, operations and employees. It is vital that companies are implementing additional security measures to protect themselves at a time when criminals are looking to exploit any weaknesses caused by the virus. As cyber-crime becomes more profitable, cyber-attacks are unfortunately more likely to occur. Furthermore, the WEF says that organised cyber-crime entities are joining forces and their likelihood of detection and prosecution is estimated to be as low as 0.05% in the United States – with such low prosecution rates, fraudsters could feel cyber-crime is low risk, high reward.

Threats include scams used by criminals such as smishing and phishing – this means receiving a fake text or email claiming to be from a trusted organisation or individual being impersonated by fraudsters.

Sustaining cyber security with a remote team

We take a look at the proactive measures businesses can take, to ensure their organisation has the most effective defences in place during these challenging times.

Change the locks. Companies are susceptible to cyber-attack via log-in procedures, predominantly if they are password-only. Therefore, firms can take advantage of Multi-Factor Authentication (MFA), a mechanism that supplements a login password with an additional piece of information, such as a one-time only code. Enforcing the use of strong passwords and MFA, such as LastPass, are steps to help protect devices and data. Features include, single sign-on (SSO) and password management tools. You can even sign up for free

Sharpen up on education. Help and support your team in understanding the risks around being hacked and inform them about your internal procedures for reporting issues. For Bring Your Own Device (BYOD) equipment, make sure that people are kept well-informed about new threats such as convincing phishing scams, so that they can help mitigate threats. Advise people to look out for spelling mistakes as a sign that something’s not as it should be and tell employees not to click on any links. Spam texts can be sent to Ofcom free of charge at 7726

Team working. Collaboration tools such as Microsoft Teams and OneDrive are convenient and secure ways for teams to communicate. Check collaboration tools offer end-to-end encryption and store data privately

Security blanket. Devices carrying sensitive company information outside of the ‘usual’ place of work should have encrypted disks. Plus don’t forget, workstations remaining in an unattended office should also have their disks encrypted

Beware of the Botnets. If your devices aren’t protected, you’re vulnerable to viruses and to becoming a Botnet – Botnets can be used to steal data, send spam and allow would-be attackers to access the device and its connection. Ensure all devices leaving the workplace have anti-virus software installed or where already in place that they are updated. Updates to operating systems can also stop weaknesses that can be exploited by crooks.

Our world is changing fast and the Coronavirus pandemic has triggered a new way of working and an abrupt technology shift, but one that relies upon resilience and robust cyber security processes. The adoption of cyber-incident infrastructure and responses will set businesses well on their way to a better-protected future for years to come.

Action Fraud is the reporting centre for fraud and cyber-crime in England, Wales and Northern Ireland. Reports of fraud and any other financial crime in Scotland should be reported to the Police via 101.

Source: Zurich