What are the cyber risk implications of remote work?

What are the cyber risk implications of remote work? | Insurance Business America

What are the cyber risk implications of remote work?

Businesses are facing heightened cyber exposure as the coronavirus pandemic forces employees to work from home.

Brian Thornton, CEO

As the COVID-19 pandemic grew, employers rapidly shifted to remote working for safety while trying their best to continue business operations. Doing this en masse over a short period of time, can overwhelm IT department, especially where employees were given access to the corporate network from their own devices.

Simultaneously, hackers moved just as quick to take advantage of the situation by sending phishing emails about coronavirus. Remote employees may be more likely to click on those emails and inadvertently let malware in. This experience highlights the importance of multi-factor authentication, secure email gateways, endpoint protection, and employee phishing training.

Nikki Ingram, Senior Cybersecurity Risk Engineering Consultant
Zurich North America

Cyber risks multiply as more workers log on to an employer’s network remotely. Employers should remind employees to scrutinize emails purporting to be from their IT department, which could be phishing attacks aimed at stealing credentials or introducing malicious software onto their computer.

Another cybersecurity crack can come from home Wi-Fi networks, which should have a strong password unrelated to the work computer password. Employees having internet trouble at home may be advised by their internet service provider to lower their security settings. They should consult their company’s legitimate IT staff before ever doing that.

Joshua Motta, CEO and Co-founder

Many businesses large and small are being forced into the new reality of remote work as the nation takes measures to halt the spread of COVID-19. Cyber criminals are already exploiting the changes organizations are implementing to facilitate remote work, most notably by exploiting the remote access points themselves, as well as by launching phishing campaigns to exploit mass uncertainty and fear. Even prior to the pandemic, insecure remote access points accounted for over 40% of ransomware claims reported to Coalition. Organizations that fail to properly secure remote access points by using a VPN or multi-factor authentication are now at far higher risk of ransomware and data breaches.