As the world faces the COVID-19 global pandemic, many businesses remain open and operating. To abide by social distancing rules and operate through a state of emergency, their employees are working from home. There is no suspected end date for when the world will heal itself of the Coronavirus, so for the next few months, many companies are adapting to their new reality of operating business as usual from home. As employees stop working under company internet access and begin to perform their daily operations under their own Wi-Fi/Wired networks, a new risk to the business is created.
Cyber-attacks are a fast growing and evolving risk for businesses And in 2020, this isn’t shocking news. What is shocking is the limited response in dealing with this ongoing risk and issue from businesses. What do businesses have to be worried about? In 2018, Canadian businesses were ranked the third in the world for cyber security incidents, while 2019 was Canada’s worst year for security breaches in our country’s history. Canadian businesses and organizations are at a higher risk than ever for being victimized by cyber hackers. To answer that question, businesses need to be concerned at how a breach in their security could affect their organization as a whole. More than 50% of businesses said a cyber-hack has halted daily operations, while about a third of businesses had to foot the large costs for recovery and repair in the aftermath.
Working from home can create vulnerabilities within your business that cyber-hackers will use to their advantage. The majority of organizations use Virtual Private Networks (VPN) to allow employees to access their office desktop remotely. The problem here is that not every employee’s personal computers or laptops are equipped with the high-grade protection to ensure operations remain internal and secure. Whether or not an employee is using the secure VPN, the fact they are accessing a remote drive from a computer that isn’t adequately protected creates cause for concern. This causes gaps in security where cyber-hackers can find an “in” to your private files and they can cause as much damage as they wish. Cyber-hackers prey on the naivety and apathy of employees trying to work remotely.
The best way to combat this is to make your entire organization aware of phishing scams, social engineering tricks, hoax emails and the many different ways a simple click of a link can cause extreme damage. Education in cyber security is the first and very important step in spreading the right information to minimize cyber breach incidents and its promised fallout. In order to avoid this from happening, have employees participate in cyber security training and education to ensure they are aware of the number one risk to businesses and organizations. (Especially Canadian ones!)
What else could you do moving forward to limit your risk and create a stronger defense to cyber security? In addition to educating your staff on the dangers and ways they could contribute to a cyber hack, have your IT department work together with your employees. Your IT department can ensure that the right protections are installed on personal computers and laptops, removing the false narrative that basic low-grade virus software is sufficient. Knowledge of the risks and a good defense are the first two steps to protecting your business from cyber-attacks.
Lastly, ensure you are properly equipped with cyber insurance. Cyber insurance provides coverage for your business’ liability should there be a data breach involving sensitive employee and customer information. This type of coverage also provides costs that can include business disruption, revenue loss, equipment damages, public relations expenses, legal fees, forensic analysis and costs associated with legally mandated notifications.
If you already have cyber insurance and are still concerned about the risks your businesses face as they practice a work from home protocol, don’t be. Your insurance policy is still in effect and provides coverage as your business works remotely. Should you have any questions about obtaining cyber insurance or your existing cyber insurance policy, reach out to the licensed professionals at Oracle RMS today. They will be happy to provide you with the right information and provide a custom-tailored insurance coverage that’s right for you and your business.