Will writers are constantly exposed to cyber risks due to their work handling personal data and financial information. However, cyber-crime has accelerated since the Covid pandemic led to a rise in home and hybrid working.[1]
When we went in to lockdown, we turned to technology for almost everything ‒ shopping, socialising and of course, work. For many businesses, this was an entirely new way of operating. Adaptations were made to enable employees to work remotely, but any changes in approach could lead to new risk exposures.
Entire industries suddenly had to use technology in a completely different way ‒ and this led to a degree of vulnerability. Organisational security may have been diluted, there were generally fewer tech staff, and remote access meant more chinks in the armour.
Four in ten businesses (39%) have reported cyber security breaches or attacks in the last 12 months.[2] Cyber-crime threatens everyone and everything, from everyday consumers to small business owners, to global corporations and even national security. Anyone can be targeted, and the attacks can come under various guises as cyber-criminals become more sophisticated.
Phishing
Covid-19 has meant a rise in emails or texts that can trick people into giving away financial information or passwords. Criminals have used the pandemic, changes in travel rules, business recovery news and vaccine rollouts as ways to get people to click on links and allow access to their data. May 2021 saw a 440% increase in phishing ‒ the largest ever phishing spike in a single month, with approximately half of businesses and consumers seeing at least one additional sustained infection.[1]
Ransomware
There were 14.6m UK ransomware attacks in the summer of 2021, up 151% from the previous year.[3] This technique uses malware to encrypt a victim’s entire computer system, leaving it completely unusable and inaccessible unless a ransom is paid. These ransoms, often in bitcoin, can be huge.
Cloud breaches
Experts predict that 50% of the world’s data will be stored in the cloud by 2025.[4] Cloud-based IT systems have become more vulnerable as many homeworkers are now responsible for setting up and configuring their security settings: this can mean less security protection through firewalls and blacklisted IP addresses, and without these, working on “looser” internet connections, there is a higher chance of cyber-attacks ‒ and that’s a lot of data to attack!
User device targeting
As more employees work away from the office, more of them are likely to use personal devices. If not secured through a corporate network, these devices tend to be easier to hack. Opening texts and emails on phones is easily done, accidentally. With criminals creating sophisticated communications mirroring the branding of reputable organisations, there is more room for error.
For businesses operating in the will-writing sector, clients’ personal and financial details are at risk, as well as business incomes.
So what are the best actions to take?
Training
Human error will always need to be considered, but this can be minimised through user awareness training. Educate all your employees about the risks; it is one of the best prevention measures. Banks, the police, the NHS, HMRC and reputable companies will never ask for sensitive information or financial details via email, phone or text. Encourage all your staff to be vigilant and conduct regular training sessions to ensure things remain fresh.
Audit
A full review of your cyber security is worth carrying out regularly. This will mean looking at other precautions that need to be considered. An independent organisation can objectively identify all potential risks and advise on the best measures to take. The Cyber Resilience Centre provides excellent advice and contacts for starting the process.[5]
Increase in security measures
Back everything up and use multi-factor authentication (MFA), strengthening the user login process and providing additional protection. Defences can be made more effective and simple to maintain by using AI: machine learning essentially looks at how cyber-criminals operate and adapts security systems and protocols automatically. Never give out business information, financial details or passwords to unexpected contacts. Set up spam filters on all your accounts.
Official advice
Look into the advice and guidelines provided by your industry’s regulating bodies. When creating wills, there will be personal and financial information being shared, all the more sensitive. Therefore protection and the right advice is recommended.
Cyber-crime is evolving. It cannot be avoided, and business security needs to be front of mind as it develops. By getting the right advice and keeping on top of your processes, you can help your business protect itself along the way.
If you have any questions or concerns about cyber-crime and how you can take steps to look after your business, get in touch on 01482 388513 or email [email protected]
[1] https://www.infosecurity-magazine.com/news/may-phishing-increase-webroot/
[2] https://www.djsresearch.co.uk/InformationTechnologyMarketResearchInsightsAndFindings/article/Nearly-four-in-10-businesses-reported-cyber-security-breaches-or-attacks-in-the-last-12-months-reveals-survey-04893
[3] https://digit.fyi/uk-ransomware-attacks-surge-dramatically-in-2021/
[4] https://cybersecurityventures.com/the-world-will-store-200-zettabytes-of-data-by-2025/
Image by Pete Linforth from Pixabay