When nationwide stay-at-home orders were enforced back in March, most employees thought they were packing up their desks for just a few weeks. Majority of employers and employees could have never anticipated that six months later they would still be working from home. Although remote working appears to have been coordinated overnight, it seems like it’s here to stay for the foreseeable future. And for some office-based employees, remote working will be permanent. As this way of working shifts from a temporary solution to common practice, organizations need to reevaluate their cyber risks. Policies and protocols put in place in the beginning of lockdown might have been adequate in the short-term, but the question remains if these will suffice for the long-term.
As restrictions ease across the country, employees are no longer limited to their make-shift home offices. While most employees are not ready to return to the office yet, many are looking to break the barriers of working from home by setting up for work in communal areas like coffee shops and hotels. Home Wi-Fi networks haven’t given employers much concern since it is both private and secure. However, if more and more employees begin to start venturing out for new workspaces, this could create a new set of risks. Open and unsecured networks, such as coffee shops or hotel public networks, are hot spots for cybercriminals as they can capitalize on the unsecured nature of these networks to access confidential information.
The risks associated with working in public spaces is not just limited to the internet. While most cybercriminals use sophisticated tactics, the traditional approaches, such as eavesdropping, remain and can still be effective. Business calls taken in communal places can expose potentially sensitive information to those within hearing distance, therefore posing a critical risk to data security and privacy. While some public spaces might feel like a home away from home, employees shouldn’t treat them as such. For those who are opting to work in public spaces, the additional risks this poses must be acknowledged. Educating team members on the increased risks of working from public networks is key if employees are to be trusted to work from a location of their choice.
The importance of communicating and training new and existing employees on potential security threats is greater now than ever before. While all employees should actively participate in regular cyber-security training, this should coincide with specific training tailored to the needs of departments and individual teams, as different areas of your organization will be at risk for varying cyber threats. For example, human resources and finance store an immense amount of employee personal data, which is frequently the target of phishing scams.
As we settle into this new normal, it’s time for big and small organizations to reevaluate their cyber security policies and procedures and consider whether any components were forgotten during the sudden transition to working from home. Organizations should also be looking forwards, taking into account what the new emerging risks might be and adapting to new threats posed by cybercriminals as remote working becomes more fixed in the modern work culture.
Cyber-security is rapidly evolving and being redefined in the age of the coronavirus pandemic. The team here at Hawley & Associates takes pride in the strong relationships we’ve built with insurance carriers and are adamant in staying on top of the latest market trends in order to provide your organization with the policy it needs to be protected. Cyber crimes have been on the rise since mid-March and we don’t see them slowing down any time soon, which is why it’s imperative that your mission has the coverage it needs in the event of a cyber breach. Our highly-skilled agents carefully review policy details to ensure it contains the necessary provisions needed to protect your organization. In addition, we evaluate whether policies provide coverage against known and emerging cyber incidents and threats. Therefore, if your organization has insufficient cyber liability insurance coverage, or maybe none at all, please contact us for a free quote and to answer any questions you might have on how to better protect your mission.