As a result of the global sanitary situation and of the national measures taken to limit the spread of the virus, such as social distancing, many businesses had to face a new work organization which not all were adequately prepared to carry out.
In particular, in the past few months, businesses had to resort to “smart working”, which has been and is a great opportunity of change but it has had also many implications with regards to data processing and cybersecurity.
Smart working has brought an increase of the online work because, besides ordinary activities, even briefings and meetings were transferred online. This reality multiplied occasions of cyber-attacks by criminals who took advantage of the employees’ lack of knowledge and of the inadequate security measures adopted to handle this new need.
As usual, the risks related to cyber-attacks are subjected to many factors and the first is still the human factor.
Most of the cyber-attacks are, as a matter of fact, caused by malware or phishing and social engineering activities perpetrated to the detriment of employees, who were proved to be easy preys with the intensifying of their online activity. Most of the violation happened sending a simple e-mail.
Thus, all it took was the unfortunate victim clicking on a wrong e-mail or downloading an infected attachment to cause a great damage. It was also found that most of the e-mail used to lure had covid-19 as main topic.
Since most of the cyber-attacks happened by exploiting the human factor, there’s no doubt that constant training of the employees on cybersecurity is necessary to avoid these events.
From an analysis carried out by “Clusit”, an Italian cyber security association, 73% of employees working from home do so without having received any indication on cyber security.
Another risk factor comes from the fact that employees weren’t always equipped with business devices, risking the data processed on account of the company and creating also potential security breaches.
After these first months where companies and employees had to quickly come to terms with a new way of working, many companies are planning to raise their security measures, adopting more effective solutions and building or improving their business continuity model.
Perhaps this is the right time to establish a new relation with internet and fully use its capacities reducing associated risks.