Cyber security in the workplace is a shared responsibility.
Established in 2004 by the National Cyber Security Association (NCSA), the month is an advocacy campaign, raising awareness of cyber security threats, providing resources, and helping to promote good practice among organisations. (Cyber Security Month)
Each week has been allocated a theme.
Week 1 – “If You Can Connect It, Protect It”
Week 2 – “Securing Devices at Home and Work”
Week 3 – “Securing Internet-Connected Devices in Healthcare”
Week 4 – “The Future of Connected Devices” (Security Magazine)
This year, there is extra emphasis on the Healthcare industry which is vulnerable to cyber-attacks.
Sensitive information such as health files, insurance data, and medical services are all at risk and need to utilise the best AI to prevent information breaches occurring.
Notable Cyber Security Breaches
Many cyber-attacks have had a devastating impact on businesses and individuals who have had their information stolen.
Around 70% of in-house cybersecurity managers plan to request a significant budget increase during the next year, after the rise in attacks this year.
Cyber-attacks rose by 25% between the end of 2019 and the start of 2020. Many of these scams are masquerading as government financial assistance or payments. With a growing number of grants out there due to the pandemic, there is a high risk.
- In July 2020, Twitter’s internal systems were compromised by a phishing attack.
- The Marriott hotel had 5 million of its loyalty program users hacked, the second time in five years.
- Zoom suffered a breach seeing login credentials and private information for half a million users hacked and sold on the dark web (Entrepreneur).
Social Media Cyber Threats
All it takes is one wrong click and hackers can enter your accounts or devices. Social media may be a great way to connect and share information, however, it poses a risk and you must take precautions.
Stu Sjourwerman, CEO at KnowBe4 commented “End users should be particularly aware of their security and privacy settings within social media platforms to ensure that they’re not sharing personal, sensitive information with the world”. (Professional Security)
Cyber Security in the workplace
Most companies do not have proper security in place for their remote employees.
Your employees are the weakest link and a knowledgeable IT team and proper training of staff is your best defence to cyber threats. It is up to your IT team to ensure that security is up to date and all vulnerabilities have been tested.
- 55% of businesses were targeted by cybercrime in 2018 (up 15% from 2017) (ITPortal).
- 58% of hiring managers list info-security as their most required skill right now.
Employees most at risk of offending
In a recent study on cyber security in the workplace, 2,000 UK employees across a range of industries were interviewed.
- 40% had no password or security software installed on their devices.
- 20% admitted to downloading commercially sensitive files onto a personal device while working from home.
But which age group is the worst offender for this?
30% of under 24s had used personal devices for work within the last six months. Of these, 50% had no password or security protection.
In comparison, only 8% of 45-55 years olds admitted to using personal devices for company data (Techround).
The under 24’s were at most risk of offending, which may be of surprise to many employers who might consider the younger generation more tech-savvy.
It is important that appropriate training is rolled out to all staff members in your organisation to eliminate the threat.
Cyber Security and Healthcare
Studies show that Healthcare workers are the least likely to have password and security protections on devices, which is worrying as some of our most sensitive data will be held by this industry.
20% of Healthcare workers admitted to downloading company files onto a personal device without password protection or security software installed. This is despite the increase in targeted healthcare attacks during the pandemic.
James Brown, Director at Protect your bubble commented: “It’s clear from the survey responses that many UK businesses need to address their cybersecurity vulnerabilities and adapt their protocols in light of more employees working remotely” (Techround).
Cyber Security Training
KnowBe4, creator of the world’s largest security and awareness training platform is used by 34,000 organisations worldwide and has prepared a course, especially for Cyber Security Awareness Month.
“Social Media: Staying Secure in a Connected World” (KnowBe4).
The course covers:
- How do you identify a social engineering attack?
- Real-life scenarios
- Tips to protect you and your organisation
Courses like this will strengthen your defence against cyber criminals who want to trick you and your employees out of sensitive information.
The real problem is that only 10% of tech professionals in the UK have the right skills to fill the cyber security gap, this is worrying as the need for Cyber Security skills increase.
Avi Raichel, CIO at Zerto, “Cyber threats such as ransomware can be a huge threat to businesses, and even just a single employee clicking a malicious link in their emails will mean a ransom must be paid for all business data encrypted…it is crucial to have the right cyber defences in place to avoid a disaster where customer data, and a lot of money, could be at risk.” (TechRound)
Businesses should use Cyber Security Month to understand their own vulnerabilities and put in place a plan of action for every employee in the business. Training staff is the key to protecting your businesses from cyber-attacks.
If you want to know more…
Socially Recruited has worked with thousands of different businesses across the UK and overseas. Businesses must have access to advice and support at these challenging times.
For further information or to trial the service, please contact Marc on the details below.
Social Media and Recruitment Specialist
0203 327 0304