Covid-19 is providing more than its fair share of challenges and a lot of uncertainty for businesses. Maintaining business continuity when you aren’t prepared for a remote workforce can cause costly disruptions, so it’s no surprise that when businesses are confronted with a seismic shift in working practices, it can often lead to errors being made.
The increase in remote workforces has seen a considerable increase in cyber-attacks. According to research by Hiscox, currently, small-to-medium-sized UK firms are targeted with 65,000 individual attacks a day, resulting in a UK business being successfully hacked every 19 seconds, at an average cost of £11,000.
Cybercriminals are exploiting the opportunity presented to them by a massively increased remote workforce, with unprecedented levels of employees working via hastily pulled-together solutions, often security takes a back seat resulting in billions of pounds of loss to small businesses each year.
Also, small businesses can often overlook the importance of proper cybersecurity, with one in three small firms (35%) admitting they have not installed security software over the past two years. Four in ten (40%) do not regularly update software, and a similar proportion does not back up data and IT systems. Fewer than half (47%) have a strict password policy for devices.
How can you offset cyber-attacks during COVID-19?
Secure Connection: Home Wi-Fi poses the risk of being easily hacked into, so accessing company information through connecting this way is a risk. Instead, a VPN provides a secure internet connection which is much more difficult to hack into.
Secure laptop: Personal laptops are much less secure than work laptops (although sometimes work laptops aren’t as secure as they should be) as they often have little security, and are usually outdated, making them much more at risk of cyber-attacks.
Effective Anti-Malware/Virus: Most personal laptops will have minimal malware or anti-virus protection installed, if at all. So, anyone working on them is at a much greater risk of falling victim to hackers.
Patch Management: Patch known vulnerabilities with the latest version of the software, to prevent attacks which exploit software bugs.
Secure configuration: Restrict the functionality of every device, operating system and application to the minimum needed for the business to function.
Password policy: Ensure that an appropriate password policy is in place and followed.
User training education and awareness: Staff should understand their role in keeping your organisation secure and report any unusual activity.
Halcyon is an ISO 27001/9001 accredited organisation meaning promote data security. We take steps to ensure our customers are as secure as possible by adhering to the Cyber Essentials guidelines as issued by the National Cyber Security Centre (NCSC), we recognise the threat to small businesses is very real and work with our customers to avoid them becoming another statistic.
