By Paul Balkwell, Vice President, International Sales at Zix
The past year has seen an unprecedented rise in cybercrime around the world. The United Kingdom has not escaped unscathed. In fact, according to one recent report, there was a 71% increase in incidents of cyberattacks over the past 12 months, with a 69% increase in the frequency of breaches. A significant number of these breaches were caused by organisations having to shift rapidly to remote work. With many organisations having to go straight from full time office to work to fully remote, it should hardly be surprising that the UK saw an 86% rise in cyberattacks as a result of remote work. Globally, that places it just behind Australia and France, which saw 89% and 96% increases.
And while most of those cyberattacks were as a result of the usual suspects, including phishing and OS vulnerabilities, it’s also clear that ransomware is playing an increasingly large role in the cybercrime space. So significant has its growth been that GCHQ’s cybersecurity boss recently warned that it pases the biggest online threat to people in the UK.
Within that scenario it’s clear that UK-based companies cannot afford to take a business-as-usual approach. Even as more and more people return to the office, they need to ensure that they provide employees with as secure a remote working environment as possible. Critically, they also need to ensure that they’re doing everything they can to protect the organisation from ransomware attacks and to mitigate the damage if they do fall victim to one.
Empowering remote workers
One of the biggest factors in play when it comes to remote work is that organisations have to secure multiple networks rather than a single network in a single office.
In an office environment, organisations can also control the number of devices on their networks, whereas they have very little idea of how many devices are accessing their employees’ home networks and how secure they are. It’s therefore pivotal that companies do as much as possible to empower employees to work remotely in a secure way.
The first, and most important, step when it comes to enabling staff to work securely from home is education. With cybercriminals increasingly capable of spoofing both internal and external communications, it’s imperative that organisations remind employees of what they’ll never ask them to do via email. Additionally, organisations should emphasise that employees be doubly cautious of any email that asks them to click a link, open an attachment, or verify their details.
It’s also important that organisations make it clear how and where to report suspicious emails. The faster an organisation’s security team is alerted, the more quickly it can respond and intervene to warn employees and shut down spoofed websites.
Beyond education, there are a few steps that organisations can take to ensure that their employees are as protected as possible.
These include, but are not limited to:
- Issuing each employee a portable computer and a VPN token with Multi-Factor Authentication
- Making sure all machines are encrypted, contain end-point security, and have everything in place for regular patching
- Making sure all machines are equipped with email security, encryption, archiving, backups to protect against spam, ransomware, malware, spearfishing, etc,
- Providing security awareness training for all employees as well as education from LinkedIn Learning on working securely as well as working remotely,
- Open communication through cloud-based productivity suites, video conferencing, open chat channels to enable the team to collaborate and communicate.
The organisation can further help, by assisting employees to secure their home networks and regularly communicating security advice including only allowing people they trust onto their network and not allowing children and other family members onto work devices.
A number of these steps are also applicable to ransomware. Perhaps nothing, however, is as important when it comes to addressing ransomware as backing up is. Research shows that twice as many organisations are able to recover their data from backup than from paying the ransom. Importantly, they were able to do so at half the cost.
It’s critical, however, that backing up be done regularly and securely. A third party security provider can help you on this front. Your backup provider should be able to address the unique needs of laws such as GDPR and any others that impact the jurisdiction you operate in. This includes, but is not limited to, its choice of data centre, data encryption, at-rest and in-transit rules, and the ability to purge backups. Additionally, adopting a backup provider shouldn’t impact on your organisation’s ability to do business.
The solution you choose should therefore offer simplified employee on-boarding and off-boarding with bulk activation, automated addition and deletion of users, and backup of inactive accounts. Additionally, it should offer an out-of-the-box setup with zero adoption effort, no matter what SaaS platform you use.
A problem that won’t disappear on its own
Ultimately, cybercrime isn’t going to disappear. Nor is there likely to be any magic bullet that entirely protects companies from the threats they face, especially when it comes to ransomware. As such, it’s critical that companies have as many defences as possible, empower their employees, and have robust backup and recovery solutions in place.