16 Oct HOMEWORKING AND CYBERSECURITY RISKS
HOMEWORKING AND CYBERSECURITY RISKS: BUSINESS CHALLENGES AND PREVENTION
With the Covid-19 pandemic the entire globe has been forced upon major societal changes, including homeworking as the new normal.
Businesses have suddenly found themselves exposed to higher risks of cyber attacks as their staff necessarily started to access critical, sensitive information remotely.
Companies are waking up to new vulnerabilities as criminals implement new modi operandi and adapt existing attack vectors to exploit the situation. Therefore, being cyber-resilient is a must.
How to prevent, detect and contain cyber-attacks while working from home?
Here are some tips for businesses:
- Establish corporate policies and procedures
- Raise staff awareness at all levels and possibly provide regular training
- Provide secure remote access and secured homeworking devices
- Keep operating systems and apps updated
- Increase your security monitoring
- Secure your corporate communications
- Pay special attention to financial operations and payments – make sure only secure and trusted tools and methods are used at corporate level. Check out how MyBank GDPR, PSD2 and AML compliant solution can help you enhance payments security.
Here are some tips for employees:
- Use secure remote access
- Access company data with corporate devices
- Protect your homeworking devices and environment
- Report suspicious activity
- Stay alert: phishing and social engineering remain the main threats, however scammers also use further channels including phone calls or text messages as described here.
Cyberattacks on critical infrastructure -rated the fifth top risk in 2020 by experts of the World Economic Forum network- have become particularly common across sectors such as energy, healthcare, and transportation. Public and private sectors alike are at risk of being held hostage.
According to the recently published Europol’s Internet Organised Crime Threat Assessment 2020, Business Email Compromise known as BEC or CEO fraud remains a main and further growing threat: it is a sophisticated, highly tailored and very effective scam with targets ranging from governments, international organisations, small to large businesses, whereby criminals employ social engineering techniques to gain access to an employee’s or executive’s email account to initiate bank transfers under fraudulent conditions, i.e. by pretending to be the CEO and asking the employee to carry out a payment.
This kind of frauds and cyber attacks as whole, cause major disruption to businesses as well as huge losses: according to a study by Accenture, a malicious attack to a company takes an average of 50 days of work to be resolved.
In 2020, working from home is a new modality in many contexts, while cyber-security has been a priority already for some time. This year’s pandemic has accelerated the growth of remote working and has created new targets for criminals who want to steal money or financial information from businesses.
Everyone needs to increase vigilance and learn how to prevent and recognise cyber-attack attempts and frauds.
In addition to the above-mentioned tips, companies also need to pay special attention to the tools that employees use to carry out daily operations. Even the right payment tools can support prevention: MyBank, the immediate bank transfer solution that is processed from the protected environment of online banking with Strong Customer Authentication, offers a GDPR, PSD2 and AML compliant tool, which ensures data protection and transaction traceability and which maximizes security of payments at business level.
16 Oct 2020