Cybercrime in the era of hybrid working

Often, employees’ wi-fi networks aren’t as secure as corporate ones, so make sure yours is sufficiently robust wherever your employees log in. Do you have multiple layers of authentication users need to go through? Two-step security, known as Multi-Factor Authentication (MFA), is always a good idea with either an online system or a physical token as well as passwords.

This is an increasingly popular way for cybercriminals to infiltrate organisations. Criminals set up fake profiles or automated bots to manipulate and trick users into giving away sensitive information. You can protect against this by having a clear social media policy in place and training your people to spot the signs of a fake profile and keep themselves - and your company info - safe.

Scammers are becoming increasingly sophisticated, and it can be difficult to tell a real email from a fake, phishing one. This is a trend that’s been around for a while, of course, but it’s certainly not gone away. Add a ‘Report the phish’ button or something similar to your systems, so your people can easily and safely forward on anything suspicious.

More companies are moving to the cloud with people working in different locations. Cloud improves mobility and productivity, and it also allows cybersecurity to be managed centrally, so keeping cloud services updated and with the latest security settings is critical. Security of data is also a priority and making sure company data is backed up is a must.

There are steps you can take to protect your business. The first of these is to make sure you have the right IT in place with strong security protocols. An off the shelf package might be what you need, or something more bespoke might be a better option. Ask an expert to help show you what’s available.

Once everything’s in place, you need to assess it regularly. Does it work as it should? Has it been updated to the latest version? Again, you can get a security expert to take a look.

It’s also sensible to have a security strategy in place. This should help you identify and deal with risks to your business. This will need to be detailed and ever-evolving as things change. Make sure it’s documented, and the right people know where to find it.

You might not have thought about taking this kind of insurance out for your business. However, it could be crucial, as it covers you against data breaches involving customers’ information, cyber theft (including employee theft), business interruption caused by cybercrime, and many other cyber incidents.

Please contact  Simon Chapman - independent cyber consultant, Mark Wiseman - Group Commercial Director of Connectus Business Solutions, or Lisa Petherick - Client Director of Konsileo (Insurance Brokers) Limited for more information on cyber security and cyber insurance.