Hybrid Working – Reducing the Risks of Cyber Attacks

Since the start of the COVID19 pandemic, it is estimated that cybercrime has skyrocketed by 300%. A major factor contributing to the increase in cybercrime is the rise of remote working.

Currently, many businesses continue to work remotely with one in three UK workers currently based exclusively at home. It is a trend expected to continue this year with hybrid working expected to become the norm. With the changing world of work, cybercriminals will continue to exploit human error and target vulnerabilities in systems – no matter where your employees work from.

Red Flags to Look Out For

Cybercriminals use sophisticated tricks and techniques to target and illegally access businesses’ confidential data. Be it phishing, ransomware or social engineering. To beat cybercriminals and ensure cyber safety and information security in the hybrid workplace, let’s look at some of the common red flags of modern social engineering and cyber attacks:

  • Suspicious links or downloads: Avoid clicking on links in emails that you receive from people you don’t know. Take the time to inspect the sender information and whether the email source is genuine. If in doubt, always best to not click or download.
  • Signs of urgency: Many attacks are designed to force the user into taking action promptly. For instance, it could be an email on an outstanding invoice yet to be paid or taking action on an external account to prevent disruption to service.
  • Requesting sensitive information: Such as bank details or national insurance number for tax purposes. Any legitimate organisation will always call you directly if they gather sensitive information.
  • Posing as public or government bodies: Many individuals and businesses report being contacted by public or government bodies. Such as tax refunds from the HMRC, email attachments from the World Health Organisation (WHO) and even bitcoin donations to help fight the coronavirus. These are scare tactics aimed at giving up work or personal email details.

Reducing the Risks

We are strong believers in prevention is better than cure. The best way to reduce the risks of cyberattacks is to invest time and resource in keeping your systems secure and ensuring that your employees are aware of the cyber threats facing your business. The level of threat remains the same irrespective of whether they work from the home or from the office. But in a hybrid working set up, the chances of human error can go up as seen during the COVID19 pandemic. It’s vital for businesses to recognise the risks and take proactive measures to keep their business prepared as they move to a hybrid working model.

Keeping Systems Secure

Most cyber-attacks aim to target organisations with outdated computers and systems which haven’t had the critical security updates or patches installed in a long time. With a lack of security, hackers can easily gain access to business networks and systems. They may also use ransomware to resort to blackmail to hand-back control of systems and databases.

Keeping systems up to date, especially when working remotely, is the first line of defence against cyber-attacks. Make sure you have invested in a reliable IT team and systems which can protect your devices and networks from viruses and hackers. Antivirus software is a cybersecurity cornerstone that can protect against various malware by providing security features such as firewall, spam filters, real-time scanning and security reports, among other things.

Implementing a Cybersecurity Policy

An efficient, company-wide cybersecurity policy can help organisations outline the best practice for their employees to follow while hybrid working and ensure they are taking the necessary steps to keep business information secure. A comprehensive cybersecurity policy is essential for driving the message from the top and raising awareness amongst your employees. Make sure the cybersecurity policy covers:

  • The importance of cybersecurity
  • Recognising cyber threats such as phishing and ransomware
  • Installing security updates and patches
  • Keeping computers and devices secure when not in use
  • Effective password management
  • Using email and the Internet securely

Investing in Awareness Training

Many experts recognise cybersecurity awareness training as a key priority in a hybrid working world. Many cyberattacks are often attributed to employees inadvertently creating an entry-point to the systems that cybercriminals could take advantage of. It all comes down to a lack of awareness which can put your employees at risk of making errors in judgement, resulting in information security breaches, company downtime, or financial loss. Educating staff reduces the likelihood of successful cyber and social engineering attacks. Make sure your awareness training program is capable of rolling out effective learning interventions over a number of years – after all learner engagement and knowledge retention are the key ingredients in ensuring effective awareness training and return on investment.

As specialists in awareness training, we can support your business with our online training solutions for cybersecurity and information security. Visit our Information Security collection page to find out more.

The Rise of the Hybrid Workplace

The Rise of the Hybrid Workplace

Hybrid working: the term ‘hybrid working’ refers to a working arrangement in which an individual, team, or organisation spend part of their time at the workplace and part of the time working remotely.

When the covid-19 pandemic struck early last year, it seemed to change everything – including the way we work. Organisations had to quickly adapt to working from home where possible and many took the initiative to install new technologies and processes to ensure business continuity and communications.

Indeed, working from home has become the norm for so many of us that almost 70% of UK employees want to split their time between working from the office and working from home once social distancing measures ease.

Welcome to a new era of hybrid working.

The hybrid workplace enjoys all the advantages of remote working (increased flexibility, a better work/life balance, reduced commuting time, less environmental impact) and combines them with the strengths of traditional office-based working (face-to-face collaboration, elevated company culture, clear separation of home life and work life, emphasis on teamwork).

On paper it seems like the perfect balance; separating ‘where’ we work from ‘how’ we work means employees can decide for themselves where they will be most productive for particular projects. In this way, physical location becomes fluid and much more intentional.

Additionally, the increase in trust between managers and employees is good for business, it’s proven that introducing hybridity increases satisfaction and enthusiasm across the board – and that’s great news for productivity!

Managing the balance

As lockdown measures begin to lift, then, and a new era of hybrid working dawns, it will be important for business leaders to recognise and manage the new challenges hybridity poses.

For instance, many employees won’t be as ‘visible’ to those in power as they once were, particularly senior managers and those responsible for promotion and upskilling opportunities. It does seem to makes sense to assume that being office-based increases the likelihood of receiving praise and commendation for efforts done on the job.

This means that office-based employees are more likely to be recognised and thought-of when an important new project or promotion is in the pipeline, and there’s the risk that credit for collective efforts will be unevenly distributed to those who are ‘there’ at the time.

To counteract, managers will need to install new ways to track and communicate their team members’ successes and think about fair ways to report these to those who need to know. Things like presenting group projects should – as much as possible – be scheduled to days when everyone who contributed can make it to the office (or else be done digitally for everyone involved) and managers will need to work with their team members to ensure they have enough access to resources that support their work (think technology, information, infrastructure, etc.).

Balancing the benefits of remote working with ‘face-time’ in the office will be key when it comes to implementing successful hybrid working strategies. Communications, out of necessity, will become more intentional, and organisations will want to think about how they are going to share information and collaborate in a way that’s effective and aligns with the employee experience.

What about training?

Of course, as eLearning specialists, we’d be remiss not to mention training and development in the new hybrid workplace, although many UK employees are already comfortable with online learning and even prefer it to traditional classroom learning thanks to its flexibility and accessibility.

A hybrid workplace could take full advantage of these benefits of virtual learning, incorporating them into orientation, mandatory training, as well as professional development. Managers ought to be trained on how to use video techniques in department training sessions and be able to host meetings where all of the team – whether virtually present or there in person – get to share their thoughts equally.

Find out more about our remote working courses!