Risk & Business Magazine Nesbit Agencies Fall 2020 | Page 12

CYBERCRIME
The Increased Risks Of Cybercrime:
Protecting Yourself At Home
COVID-19 has changed a
lot of things about the way
workplaces function, what
people do day-to-day, and
the perception that “going to
the office” is the only way to get work
done. More and more, telecommuting
is becoming an option, with employees
performing many of the same functions
they formerly went into the office
to do right from their own homes.
Unfortunately, this is blurring the line
between “work time” and “personal time,”
and many people are being increasingly
caught off guard by cybercriminals
working to exploit this situation.
There are a slew of issues that arise
when working from home, the largest of
which is cybersecurity. The equipment
that companies may employ for use in
their buildings is simply not the same as
what is available for most end-users and
employees at home. Person A and Person
B may both use the same machines
with the same procedures and the same
software at work. When at home, Person
A and Person B may have radically
different setups. Cybersecurity and data
security are essential whether staff work
at the office or at home, thus employers
need to increasingly make sure that staff
members are trained to look for red flags
and that those employees have the proper
equipment to do their jobs in a safe way.
According to Deloitte, there has been
a 25 percent increase in phishing
attempts and fraudulent emails since the
beginning of COVID-19. The reality is
criminals do not care whether there is a
pandemic or not. They take advantage
of situations as they present themselves.
The opportunity to hack into a Zoom
meeting and intercept company
secrets, trick employees into providing
information via electronic means, or
make a couple of quick phone calls
to unsuspecting employees to obtain
confidential corporate data is becoming
more and more available due to the vastly
increased numbers of telecommuters
working today.
HOW CAN STAFF REDUCE SOME OF
THESE RISKS? HERE ARE A FEW WAYS
TO START:
• Assess the ability of the company
to recover from a ransomware or
widespread cyber-attack. How
quickly can things get back up and
running?
• Best practices indicate that a
written security incident and
information security plan should be
in place. Computer and data policies
should also be listed in employee
training documents.
• Validate the security capabilities of
business partners, service providers,
and the supply chain. Many
breaches occur due to weaknesses in
the supply chain.
• Regularly check that new security
measures being taken are actually
effective. During the initial days
of the crisis, many new plans were
outlined and implemented before
employees were even trained to
properly use them.
Working from home is not a bad thing.
Not inherently. With that being said, it
does bring along with it some security
risks that were not present before. Take
the time to review the IT security plan of
your company and update any training
that employees may need to adequately
and safely perform their duties. +
12