
Return to office cyber risk 2021

  • Cyber Insurance
The Knowledge, 16th October 2021

If your clients’ offices are reopening to employees right now or adopting a hybrid-work model, they may also be inadvertently exposing themselves to new cyber threats. In recent months, spikes in ransomware attacks have correlated with lifts in lockdown restrictions: during the second quarter of 2020, Symantec blocked over 60 million infection attempts – a 74.6% increase over the previous quarter – and the trend has continued this year with 151% more ransomware attacks globally. Europe in particular has seen a growing number of increasingly sophisticated threats.

The risk has been higher for small- to medium-size enterprises (SMEs). When the pandemic began, many organisations made a quick pivot to remote working, causing smaller businesses to adopt tools and processes without comprehensive security checks. Out of necessity, employees may have used personal devices for work, company devices for personal reasons, and collaborative tools without proper safeguards – and all from a home environment that may have lulled them into taking a more relaxed approach with company tools and information. This blurring of lines between home and work has created opportunities for cyber criminals to exploit.

Step up the safety

How can organisations become a less appealing target for cyber threats? There are several easy steps an SME can take to protect itself:

  • Document your security policy and training to clarify what staff can and cannot do with company devices.
  • Use strong passwords. Do not store them with laptops.
  • Enable multi-factor authentication (MFA) for remote access to the network and for employee access to any web-based email, such as Microsoft O365. This is perhaps the most critical control you can use to protect your organisation’s network.
  • Complete full scans of any devices and ensure firewalls and antivirus protections are switched on, configured correctly and kept up to date.
  • Enable full-disk encryption, and remote locking and wiping of mobile devices.
  • New vulnerabilities are the most common way criminals infiltrate networks and devices.
  • Block USB ports so data cannot be copied from them.
  • Educate employees to never leave a device unattended and unlocked, even at the office. If using a device outside of the office, ensure it’s out of sight and locked when left.
  • Eliminate, or reduce, local admin access on laptops and other networked devices.
  • Zero-Trust Network Access (ZTNA) is a service that restricts access and conducts checks on a company’s behalf. Such protection will likely become a global industry standard for businesses.

When SMEs fail to take necessary precautions, they remain easy targets for cyber crime. Making a business more difficult to attack drives criminals to move on to a less-prepared organisation.

“For the foreseeable future, there will be enough ‘low-hanging fruit,’ such that if criminals are discouraged from breaching business A, they will move on to business B,” said Davis Kessler, Head of Cyber at Travelers Europe. “The important thing is to be business A!”