Cyber-crime is now one of the largest concerns facing the business community with businesses across the board in the UK now facing considerable cyber threats and risks. These threats and risks are not new however, exposure from remote working and a serious lack of adequate cybersecurity training has led to significantly more incidents.
Specops Software found that around ‘41% of employees had not been provided with adequate cyber security training while working from home’ and that posed ‘all kinds of threats to businesses’. Furthermore, in their recent survey of 2,043 business across 11 difference sectors, 54% of business owners claimed to have seen a ‘rise in cybercrime threats since working from home, with every sector reporting phishing as the most prevalent attack’.Despite these facts, over half of the businesses indicated that they would still consider a permanent switch to remote working for all employees.
According to Specops Software survey, the top five cyberthreats facing businesses are ransomware (96%), crypto jacking (74%), phishing(67%), IoT attacks (48%) and cyber-physical attacks (39%). Moreover, the IT and computer, charity, medical and health and accountancy, banking and finance sectors are unmistakably vulnerable.
Warnings from cyber experts, including from the NationalCyber Security Centre, highlight and support the stark findings that the cybersecurity issues facing businesses are only likely to increase with the rise in the numbers of businesses moving to permanent remote working. Employees working from home are more likely to take risks than those working in an office environment. These actions could include using personal email to share personal or sensitive data, usage of mobile external storage devices and allowing others to use and access to their device for personal use.
Nonetheless, before the pandemic, cyber threats were already on the rise and affected around 1.4m SMEs in the UK in 2018/2019 with an estimated cost of £8.8bn overall. An average attack was thought to have cost in excess of £6,500 to resolve. A 2019 Gallagher survey found that extortion, industrial espionage and terrorism were becoming a growing concern for small businesses.
Crisis under-preparedness, the lack of a response plan and forms of protection including insurance and training continue to plague SMEs and add to the ever-increasing cyber threat facing business today.
To tackle some of these issues’ businesses should, according to CyberSmart:
· Limit or control their bring your own devices by using a mobile device management system and putting any IoT devices on a separate network,
· Ensure 2 factor authentication is turned on where available,
· Use a password manager as well as using unique passwords especially on your email account.
· Only using reputable vendors which maintain a good security posture.