Company Working From Home? Stay Safe of Cyber Attacks
Cyber attacks against small- and mid-sized businesses (SMBs) were already rising rapidly prior to the outbreak of COVID-19. Now, with more and more businesses working remotely to combat the spread of the virus, hackers have been given expanded opportunities to target at-risk firms.
Whether or not your company already employs cybersecurity protection, there are several steps you can take now to protect your business from unwanted interference from cybercriminals.
Discover the risks associated with cyber-attacks and how your company can protect itself when working remotely in the wake of the COVID-19 outbreak.
Cyber Attacks: Is My Business at Risk?
Every business is at some risk of a cyber breach. While it might seem plausible to assume that only large international corporations must deal with cyber-attacks, this couldn’t be further from the truth. In fact, 43% of incidents involving businesses in 2019 targeted small companies.
Unfortunately, most firms are not up to the task of combatting the attacks with less than 15% of small business CEO’s confirming that they are currently employing measures to stop these breaches.
As COVID-19 has shocked the world, forcing businesses to shut their doors to both the public and their employees, hackers have stepped up their game. Security experts have warned that businesses can expect an increase in cybersecurity breaches, with hackers targeting businesses across industries.
Cyber Trends for Businesses
While every industry is experiencing enhanced cybersecurity vulnerability, there are specific sectors that are at an even higher risk within the current climate.
- Healthcare – Medical professionals worldwide are already stretched thin due to an exponential increase in demand. Even so, it is critical that every business working within the healthcare sector protect itself from cyber-attacks. HHS suffered an attack in March, with experts indicating that cybercriminals will likely target businesses to take advantage of increased chaos in the sector.
- Medical Supply Distributors – As demand for medical supplies and equipment continue to increase, businesses are struggling to keep up. While cyber interference may not be the first thing on the minds of those that operate in the sector, the potential for breaches has blown up.
- Financial Services – The bleak economic outlook and the continued interruption this crisis is having on the financial world has put firms across the financial services sector at increased risk to cyber interference. It has become essential for every business that operates within the financial sector to protect themselves from cyber crimes, especially with most employees working from home.
- Media Companies – The media is always a target for cyber attacks. However, with an increase in remote broadcasting and content production, the cyber threat is increasingly real. Any company working within the media space should operate with heightened awareness during this difficult time.
- Business and Consulting Services – Companies that provide services to a large spectrum of companies are consistently targeted by cybercriminals and should be especially careful when having employees work remotely. Not only do your workers have access to more information than other sectors, but cybersecurity measures can lapse when there is a lack of centralized oversight.
- Public Sector – Whether you work directly in the public sector or provide contracted services to the public sector, you are at an enhanced risk of being targeted by cybercriminals. From misinformation campaigns to stealing non-public information, the public sector is facing a major cyber challenge.
Even if your business doesn’t operate in one of these sectors, it is essential that you take the proper precautions to mitigate your risk of a security breach. There are several steps that every company working remotely can take to decrease their risk of a cybersecurity incident now, without having to invest in expensive added security measures.
How to Protect Your Business from a Cyber Attack
When employees work remotely, the risk of a successful cybersecurity attack increases. This is due to an expanded number of devices, networks, and locations that can be targeted by cybercriminals.
Your business’s network is simply more vulnerable than it would typically be due to several key reasons:
- Employees accessing company systems from unsecured or shared internet networks
- Employees failing to properly update their devices to current security patches
- Lack of oversight from centralized IT teams
- Using company devices for personal use or vice versa, increasing exposure to phishing attempts and viruses
- Reliance on individual employee vigilance instead of installed security protocols
10 Tips to Decrease Exposure
To decrease your company’s exposure to a cyber attack, consider taking the following precautionary steps immediately.
- Require your employees to reset their passwords more often. While most companies require password resets on a bimonthly basis or less, if your company is working from home it would be a good idea to require password resets at least weekly. While this might cause a headache for your IT team, it can go a long way in deterring cybercriminals.
- Always require two-factor authentication when logging in to employee systems. While simple, two-factor authentication works wonders. It makes it that much more difficult to log into your business software and will be effective in stopping a cybercriminal from accessing company data.
- Make sure your employees can easily detect phishing emails and links. Employee phishing training is essential nowadays. While nobody thinks they’d be the one to be fooled, there are far more tricks than the average employee knows about. Still to this day, phishing emails and links are one of the most prominent ways cyber attackers gain access to privileged information.
- Cut back on emailing detailed reports that include sensitive information. If it isn’t essential, then don’t send it digitally. Cyber hackers are expanding their attempts at accessing sensitive information. If it really needs to be shared, then send it over an encrypted network.
- Get your employees to use a trusted VPN. A VPN can go a long way in protecting your privacy. There are a host of companies that provide cheap, easy-to-use VPNs. All you need to do is provide information on how to install the product to your employees and you will be that much more protected.
- Anti-virus software and anti-malware programs should be installed on all remote staff devices. This will ensure there is some measure of preventative protection.
- Use an encrypted messaging app to communicate with your staff. These apps are on the rise for both consumers and businesses, so use them. If a cybercriminal can’t access your intra-company communication, you will be at less risk of them gaining access to your company’s proprietary information.
- Power down devices not in use. If your employee has a work-specific computer or smartphone, be sure to enforce a “power down policy.” If it’s not in use, it should be turned off.
- Backup your data. When it comes to sensitive information, you want to ensure it’s both encrypted and backed up on an external platform. This will allow you to retrieve original documents, should anything happen.
- Make a reaction plan. Even if you take all the proper precautions, it is impossible to completely shield yourself from a security breach. That is why it is essential that you have a plan of action should something go wrong.
While these steps will go a long way in protecting your business from a security breach, it is always advisable to consider added measures to protect your company from financial losses in the wake of an attack. Cybersecurity insurance is the best way to protect your firm from cyber attackers and ensure that you don’t lose revenues if something does occur.
When in Doubt, Insure Your Firm
When you take the proper precautions to avoid a cybersecurity incident, you are that much more protected. However, even the most secure companies are still at risk. The best way to fully mitigate your risk is by insuring your company against damages in the wake of a cybersecurity attack.
Cybersecurity insurance has witnessed a major increase in popularity for businesses, even before the recent developments pushing companies to remote work. Insurance coverage offers a blanket of protection that goes beyond the tips and tricks; it offers financial protection.
Cybersecurity insurance policies will protect your business from losses when an incident occurs, inclusive of the following costs:
- Data Breach Expenses
- Network Security
- Privacy Liability
- Regulatory Fines & Penalties
- Network Extortion
- Business Interruption Costs
- Business Interruption Loss of Profit & Extra Expense
- Data Recovery / Restoration Expenses
- Media Liability
- PCI Fines, Assessments or Charges
- Reputational Harm
Protecting Your Company While Working From Home, right NOW
The best way to make an effective plan in the current cybersecurity environment is by protecting your business from financial losses should an incident occur. While it is essential to continue taking all necessary precautions, a cybersecurity insurance policy can go a long way in establishing peace of mind during these troubling times.
At NOW, we offer affordable cyber insurance coverage to companies of all shapes and sizes. Operate effectively in the work-from-home age, eliminating the anxiety of facing a cybersecurity breach. Get in touch today to discuss your company’s needs, so that you can continue to function at the highest level while working remotely.
- Business Insider. Working from home? Here are the steps all workers and companies should take to avoid cyberattacks, according to experts. https://www.businessinsider.com/how-to-avoid-cyberattacks-working-from-home-covid-19-2020-3
- CNBC. Cyberattacks now cost companies $200,000 on average, putting many out of business. https://www.cnbc.com/2019/10/13/cyberattacks-cost-small-companies-200k-putting-many-out-of-business.html
- Bloomberg. Cyber-Attack Hits U.S. Health Agency Amid Covid-19 Outbreak. https://www.bloomberg.com/news/articles/2020-03-16/u-s-health-agency-suffers-cyber-attack-during-covid-19-response
- Cook, Adam. COVID-19: Companies and Verticals At Risk For Cyber Attacks. https://www.digitalshadows.com/blog-and-research/covid-19-companies-and-verticals-at-risk-for-cyber-attacks/
- The Hill. Hackers find new target as Americans work from home during outbreak. https://thehill.com/policy/cybersecurity/487542-hackers-find-new-target-as-americans-work-from-home-during-outbreak
- Insurance Information Institute. Cyber Liability Risks. https://www.iii.org/article/cyber-liability-risks
- SDX Central. Security Experts Battle Hackers, COVID-19 Cyberattacks. https://www.sdxcentral.com/articles/news/security-experts-battle-hackers-covid-19-cyberattacks/2020/03/