Rising cyberattack fears in hybrid working world
A new survey of almost 1,000 UK firms from all sectors and sizes has revealed that more than half believe their IT systems have been left more exposed to attack following the huge increase in people working from home during the pandemic.
The research by the British Chambers of Commerce (BCC) and IT company, Cisco, also found that one in ten firms said they had been the victim of a cyberattack in the last year, rising to more than one in seven for larger firms. Despite this, four out of five firms said they did not currently have accredited cybersecurity measures in place to protect against attacks.
Reacting to the findings, Shevaun Haviland, Director General of the BCC, said:
“The huge shift to home working, and the use of cloud computing, for tens of thousands of employees happened almost overnight, so it is not surprising that many firms were caught out by the implications this had for their cyber-security arrangements. All of the BCC’s research indicates that a shift to a more hybrid way of working, with many staff now splitting their time between the office and home, is here to stay, so it is more vital than ever that firms have the right cybersecurity protections in place. With one in ten firms confirming they have come under attack in the last year, the need to take action now could not be more important.”
Aine Rogers, Head of Small Business, Cisco UK & Ireland, said:
“The lines between professional and personal are more blurred than ever. Organisations are no longer just protecting an ‘office’ but a workforce at the kitchen table. As businesses and individuals, we’re more exposed than ever to security threats. Whether it’s fraudulent SMS campaigns, posing to be a delivery company, targeted social engineering to access the passwords for your customer database, or hacking your home network, criminals in the cyber world are cunning. That’s why we need to evolve thinking to focus on securing your employees and what they are doing, not where they are.”
Writing in a briefing for International Workplace in October 2021, standards body BSI advised:
“Even if employees spend only half of their working hours in their home offices moving forward, it presents a situation ripe with serious cybersecurity issues. Organisations adopting such hybrid models should be continuously monitoring and analysing systems for vulnerabilities to ensure that none of a network’s components fall behind on patching and update management. Moreover, if employees are bringing their own devices into the office after using them when working at home, organisations will need to consider the reduced state of security that characterises most home networks and devices. Systems will need to be devised for device testing and sanitisation procedures should be established before allowing unvetted devices to access a corporate network. As well as testing their devices, organisations should be testing their employees too – phishing attacks remain an easy route into corporate networks, which makes employee awareness training pivotal in helping employees to spot these attacks and other types of malicious cyber activities that could potentially lead to ransomware attacks, data breaches and system failures within their organisation.
“The move to hybrid ways of working is not the only reason organisations now need to adopt more robust cybersecurity strategies. The frequency, severity and sophistication of cyberattacks have all increased substantially since the beginning of the pandemic. Given today’s cyber threat landscape and the emergence of new technologies, it is imperative that organisations have the correct protocols, policies and procedures in place to keep their information safe, data secure, infrastructure robust and ultimately, make them resilient.”
related content
