Testing times to exercise good cyber health

Testing times to exercise good cyber health

With millions of employees working from home rather than the office, it is critical that businesses do not lose sight of the risk of hacking and fraud.

The UK's official cybersecurity agency has this week (July 13) launched a tool to practise being cyber attacked for employees currently working from home, some of whom will be using their own personal internet connections and computers.

Individual employees can be the weakest link in the digital security chain and home working is presenting a golden opportunity for hackers to make money from seizing information like personal data, intellectual property, and wider information to support the fraudulent criminal activity.

With breaches on the up, organisations not only face the risk of vital company data being exposed and the resulting reputational damage but also fines should organisations fall foul of GDPR legislation.

The toolkit allows people to test their defences by roleplaying the experience of being hit by a cyber-attack.

It seeks to help home workers reduce the risk of data compromises while working out of the office. It places the focus on three key areas of teaching staff how they can safely access networks from home, which services might be needed for secure collaboration and what processes need to be in place to manage a cyber-attack remotely.

Working remotely may lead to employees feeling more vulnerable online, and this is where employers have a duty to act, providing appropriate training and awareness to teach employees a shared sense of responsibility for the data that they work with.

Small businesses may feel they lack the resources, but there are ways to direct an effective cybersecurity education campaign cost-effectively and it's worth checking out the National Cyber Security Centre’s easy to access resources. (https://www.ncsc.gov.uk/section/about-ncsc/what-we-do)

Clark IT has supported many businesses to bolster cybersecurity through staff training and support. A good way to start, and to benchmark employee awareness and how they are likely to react in different scenarios is through a multiple-choice quiz. The results serve to highlight areas where support may be needed, and retaking the quiz at the end of a period of training will demonstrate it any additional support is necessary.

Look at developing a home working policy and train staff to use it, so that everyone understands the message that security is everyone's personal responsibility.

Cybersecurity awareness should be viewed as an ongoing process. Carrying out spot tests, like spear-phishing, will help employees to always be on their guard, ensuring that practices around cybersecurity become second nature.

Cybersecurity should be treated just as seriously as building security or fire safety, with staff training and awareness of proper and protective procedures. It takes a collaborative approach between employers and their employees to stay digitally safe.

Clark IT has provided bespoke training, and supported numerous businesses to stay digitally secure, through schemes like Cyber Essentials, a Government-backed scheme that demonstrates a business is committed to online security. Clark IT is able to advise on best practice, and rules and guidelines tailor-made to your own business circumstances.

Find out more about how Clark IT can support your team’s cybersecurity when working from home. Get in touch with us at https://www.clark-it.com/contact.

For more information on the National Cyber Security Centre’s (NCSC) online roleplay, launched on July 13, and for more information visit: https://www.ncsc.gov.uk/news/businesses-helped-keep-home-workers-secure-with-cyber-exercise