In an increasingly virtual world, how do you keep your information secure and your business safe from cyber crime?
With millions of people around the UK working from home it’s no surprise that we’ve been online more than normal. According to infosecurity magazine in April, there was an overall Internet usage increase of 17%. From Zoom calls for work to FaceTime with friends, people are getting better acquainted with the virtual world.
There is a negative side to this, however. According to Cloudflare, online threats rose by as much as six-times their usual levels as the COVID-19 pandemic hit, with cyber attacks becoming more common, and more convincing.
Information security is something that people are starting to address more in the workplace, with good reason…
• 95% of all cyber security attacks on organisation’s networks come from phishing emails
• At the beginning of lockdown, phishing attempts skyrocketed over 600%
• 95% of cyber security breaches are due to human error (Cybint Solutions)
Protecting your business
There’s often a belief that layers of systems, processes and protocols protect everyone from cyber crime when they’re at work, but a company’s overall information security is only as strong as their least aware employee – all it takes is one wrong click.
Making sure your employees are not only aware of cyber attacks, but actively know what to look for, and what to do if they suspect something, is crucial. You can gauge levels of understanding through penetration testing with your IT team – like fake phishing emails – surveys, or even open Q&As. Once you know what you’re dealing with you can create targeted training and communications to offer support, like we helped GSK to do through quizzes and gaming, you can read the case study here.
Changing behaviours and increasing cyber awareness won’t happen overnight, but here are some ways to start a cultural shift…
• Educate employees – share information and stats so there is a realisation of attacks to the business
• Make a clear link between actions and consequences – what could that one click do?
• Create a balance between scary and fun comms, too much of either will stop the message hitting home
• Keep things simple – stick to the facts
• Remember – as we become more virtual this is a risk that will only increase, so on-going awareness is key.
Don’t forget to address offline behaviour too! From employees misplacing their lanyards, to leaving confidential information on the printer, the more people are aware of information security, the more careful they’ll be.
Tips and tricks
Wellbeing has become a big focus for employers since the beginning of the COVID-19 pandemic. Keeping your employees aware of and protected from the dangers of cyber crime is another way of keeping them safe and well, giving them one less thing to worry about.
Consistently sharing tips and reinforcing messages will help people keep information security at the forefront of their mind, at work, and in their personal lives too. Here are a few tips to share…
• Always think before you click! Even if an email looks legitimate, if you’re not expecting it – be wary
• If you’re sharing confidential data, make sure you’re password protecting your documents or using an SFTP
• Double check the recipients of an email before you press send
• If you get an email that looks dodgy, report it to IT or your information security officer immediately
• If you think you’ve accidentally clicked on a phishing link, own up straight away – the quicker you act, the better.