resources. sequel talks.

27 March 2020

Staying on top of cyber security

Protecting employees’ health and wellbeing is paramount for organisations responding to the COVID-19 pandemic – but how can you help to support their digital wellbeing too?

With a huge number of employees across the world working from their homes while facing a rapidly changing global pandemic, the roles of internal communication, HR and IT have never been so important.

It’s our job to keep our people informed, connected and motivated. And on top of that we must help to keep them safe – and we don’t only mean protecting their health and wellbeing.

“Many organisations had to quickly adapt to most – if not all – of their people working remotely,” says Charles Fenoughty, Sequel’s Digital Director. “It’s very tempting to cut corners from a cyber security point of view and focus on getting people working and communicating.

“But don’t give into temptation – hackers realise this is a vulnerable time for organisations. It’s vitally important that we take steps to protect our people and businesses.”

Indeed, research from Barracuda Networks shows that cyber criminals are cashing in on the COVID-19 crisis, reporting a 667% increase in email attacks since the end of February.

Of course, the importance of cyber security shouldn’t come as a surprise to businesses. In their 2020 Cyber Security Report, Check Point reported that cyber crime is estimated to have cost $1.5 trillion in 2018 and point out that last year entire industries and governments were targeted by hacking.

But what does risky behaviour look like in a typical workplace?

Picture the scene…

There’s some kind of issue with your colleague’s connection and they can’t access the server properly. They ask you to email a couple of work files to their personal email account.

A colleague has forgotten their log-in details to a work system. They ask you to share your password.

You’re joining lots of new social networks – both professional and personal – to keep in touch with colleagues and friends. You use the same password for each one.

Any of these situations sound familiar? Each poses a cyber security risk that could expose private and personal data, such as files, emails and passwords.

Charles adds that while data leakage prevention (or DLP) is a key issue in these unique circumstances, people are going to do what it takes to maintain a familiar way of working.

“People may make up their own processes and turn to unofficial channels for collaboration, like Google Hangouts, or file sharing, such as DropBox. This opens your organisation to unplanned risk and is an opportunity not lost on the opportunist and malicious.”

How can we help?

“The key thing is to ensure that everyone understands the importance of this issue and works to bring people together on it,” says Charles.

“Internal communication should provide a space in their channels for IT and IS to share messages with employees, explaining why cyber security is so important at this time, and how they can help.

“For example, this would be a good time to remind people about document classification – help them to understand the difference between public, internal and confidential and how to share them appropriately.”

“And on the other hand, IT and IS might have tools and techniques that could help the organisation to communicate and collaborate securely. And when it comes to the tech itself, they’re bound to have advice on how to use it effectively, which we can be turned into user guides.”

Finally, Charles says that we need to be “can do”, not “can’t do”, people.

“It’s not about locking things down – the ingenuity of people means they’ll find workarounds and could cause bigger problems. Instead we need to work together to put secure platforms in place, encourage their use, and educate our people on how to stay safe – both physically and digitally.”