Top tips for staying secure while working from home

Hands typing on a keyboard surrounded by security icons
(Image credit: Shutterstock)

The changing demands of workers and industries throughout the pandemic has resulted in businesses across EMEA continuing to explore new methods of hybrid working. One globally recognized benefit of the shift to this model is that many of us can now enjoy a much healthier work/life balance. But despite an increase in awareness around cybersecurity, many organizations have fallen victim to cybersecurity attacks and have struggled to protect remote workers.

About the author

Quentyn Taylor is Senior Director of Information Security and Global Response at Canon for EMEA.

The unexpected need for enterprises to transform their business models into remote or hybrid working meant that most businesses were unprepared for change. As a result, many organizations lacked adequate security tools such as remote access solutions or faced challenges after leaving RDP exposed on the Internet or not properly patching VPNs.

The pandemic also saw a rise in cybercriminals utilizing social engineering cybersecurity attacks, which created a significant problem for businesses. Many of these bad actors would pose as individuals from Twitter’s IT department, for example, targeting employees in their homes and surreptitiously accessing confidential information. Sadly, these sorts of methods are likely to continue to develop in the year ahead as cybercriminals grow smarter and expand their techniques. This is highlighted by the fact that prior to the pandemic, 20% of cyberattacks used previously unseen methods or malware – a figure that rose to 35% during the pandemic.

Enterprises are no longer working from one centrally managed office in today’s hybrid world but are running their business directly out of people’s homes. This means it’s more important than ever for business leaders to be aware of the importance of good cybersecurity, which will be key to protecting not only their business but also their employees in the year ahead. So how can they prepare and take learnings from the pandemic?

Ensuring your business is prepared

Organizations should start with clear communications and a remote management plan to make sure they can contact employees in emergencies – for example, if their platform of choice suffers an outage. They can also take proactive steps to protect and secure their data by investing in enterprise password management systems or similar technology.

Changing delivery of your messaging

Enterprises should also ensure their communications and guidance are tailored and relevant to their employees. For example, business leaders are more likely to secure and maintain interest from workers by focusing on outcomes and actions as opposed to talking about policies. They can also give short, sharp security briefings to employees, enabling information to be provided in more innovative and exciting ways than the dreaded “death-by-PowerPoint”.

The use of innovative training methods has been proven to be highly effective and should therefore be considered by organizations in 2022. Something as simple as bite-sized videos – such as an educational video on how to spot a phishing email “informing” the reader of a parcel delivery cost – is often well-received. Businesses can also tap into immersive experiences, such as breakout rooms with challenges, virtual escape rooms, and even quizzes or crosswords. They can even go a step further by providing prizes to encourage teamwork and engagement – after all, who doesn’t like to be rewarded for their hard work?

Create cybersecurity champions

IT and InfoSec teams can famously be difficult to get hold of, which often results in employees feeling removed from this area of the business. By nominating cybersecurity champions within the business – that is, several trusted, go-to people to act as the voice and ears of cybersecurity – employees can feel confident that they have a friendly face they can approach when they want to ask questions.

Additionally, this is useful from a business perspective, as layering security through a champion network is a good method for organizations to scale up their cybersecurity messaging and encourage openness and communication.

Praise, don’t punish

It’s essential that businesses encourage and celebrate good cybersecurity practices instead of punishing people for mistakes. It can prove difficult to motivate employees to pay attention to cybersecurity if an atmosphere of fear is created around the topic – and it is in fact much more likely in this instance that workers will disengage and switch off from cybersecurity altogether.

The personal side of cybersecurity

Many businesses have realized due to the pandemic that they are fundamentally at a business disadvantage. The rapid shift to hybrid working gave many organizations the boost they needed to strengthen their overall position in the cybersecurity landscape, with the topic now more of a business priority than ever before. So, while cybersecurity is now being taken far more seriously at board level, this momentum must be continued – and should now trickle down to educating employees.

Workers need to have a fundamental understanding of why they should care about cybersecurity. It’s actually about more than simply trying to protect a device or connection, but even boils down to protecting an employee’s identity and the business that provides them with a job and income. By focusing on the personal side of cybersecurity, organizations can ensure that their messaging grabs the attention of their employees and resonates with them on a human level.

By employing these tactics, businesses can work to encourage positive attitudes towards cybersecurity in 2022. It is this mindset across the business which will enable organizations to feel confident that their messaging is getting across, and that they can ensure their business and employees are as safe and secure as possible in the year ahead.

We've featured the best ransomware protection

TOPICS

Quentyn Taylor is the Senior Director of Information Security and Global Response at Canon for Europe, Middle East and Africa.

Read more
A digital representation of a lock
Exploits on the rise: How defenders can combat sophisticated threat actors
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Don’t let holidays be your cybersecurity downfall
Abstract image of cyber security in action.
It’s time to catch up with cyber attackers
Hack The Box crisis simulation event
“Everyone will experience a hack” - how incident response can protect your organization
An image of network security icons for a network encircling a digital blue earth.
Why effective cybersecurity is a team effort
Cyber-security
Cyber security on a shoestring: maximizing your ROI
Latest in Security
An American flag flying outside the US Capitol building against a blue sky
The FCC is creating a security council to bolster US defenses against cyberattacks
Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.
Microsoft warns about a new phishing campaign impersonating Booking.com
Ransomware
Microsoft uncovers sleuthy new XCSSET MacOS malware campaign
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Meta warns of worrying security flaw hitting open source type software
Hand holding smartphone and scan fingerprint biometric identity for unlock her mobile phone
Passwordless authentication continues to grow, with biometrics helping push adoption
Data leak
Hacked Tata Technologies data leaked by ransomware gang
Latest in Features
Sterling K. Brown as Agent Xavier Collins in Paradise
Hulu's #1 show Paradise has got everyone talking – here are 3 more political thrillers with over 85% on Rotten Tomatoes to watch next
Tor
What is Onion over VPN?
Sony RGB LED visualization
I saw Sony’s next-gen RGB mini-LED TV tech in action, and OLED TVs should be worried
Gemini on a smartphone.
I used Gemini AI to declutter my Gmail inbox and saved myself 5 hours a week – here’s how you can do the same
A representational concept of a social media network
What are data removal services?
Man adjusting settings on Garmin Fenix 6 watch
5 hidden features on your Garmin watch you're probably not using, but should be