Is remote working putting your business at risk of attack?
If you think your business is more susceptible to a cyberattack now hybrid working is the norm, you’re not alone.
A new report from security operations firm Arctic Wolf found that two-thirds (67%) of businesses in the UK feel the same way, with ransomware being identified as the biggest worry.
A significant minority of the respondents (40%) said they would be willing to pay at least five figures for the decryption key, while a third (31%) said they paid out between $43,000 and $295,000 to address security breaches in the last 12 months. Furthermore, a fifth (20%) admitted hiding previous cyberattacks in order to preserve their good image with the public.
Most business leaders believe Russia and China to be their two biggest threats, and believe a tighter relationship between the public sector and private corporations could help curb some of these attacks.
And despite palpable fear and figures pointing to the dangers of cyberattacks, many businesses aren’t prioritizing workforce knowledge and employee protection.
Two in five (39%) don’t have comprehensive cybersecurity insurance set up, while two-thirds (62%) don’t trust their employees are able to properly identify every type of cyberattack.
Operational issue
For Ian McShane, field chief technology officer for Arctic Wolf, most of these companies don’t have a “tools problem”, but rather an “operational problem”.
“Embracing security operations will allow organizations to address the rapidly evolving threat landscape with ease and simplicity,” he commented.
Ever since most people started working remotely, there has been an onslaught of ransomware attacks, Distributed Denial of Service (DDoS) attacks, Business Email Compromise attacks and general fraud. With employees being at the front lines of these attacks, most organizations started deploying Zero Trust and SD-WAN, as well as multi-factor authentication, in order to improve their chances of survival.
Experts have also been vocal about the need to further educate the workforce on the dangers of phishing and online fraud, however, more recent reports have been suggesting that further education hardly moves the cybersecurity needle for most businesses.