By now, working from home is something that many businesses and professionals in Singapore have become familiar with. Whether it is the enforced default or the encouraged option, remote working is most likely here to stay well beyond the pandemic. While it comes with its advantages of employee safety and increased productivity, it has since brought about many new challenges for businesses — especially on the cyber security front.
How can companies overcome these cyber safety challenges? The best thing you can do is to arm yourself and your workforce with a clear understanding of the threats involved and the proper solutions to mitigate them.
The Impact of Remote Working on Cyber Security in Singapore
Ever since workers across the country transitioned to working from home, cyber attacks have been on the rise in Singapore. You may have come across it in the news, or possibly even experienced it yourself. So far in 2021, there has been a significant spike in data breaches, with one major case whereby data was reportedly stolen from over 300,000 customers of a furniture retailer.
As for the general sentiment among local businesses, 8 in 10 organisations in both the public and private sectors have attributed a rise in cyber attacks to remote working. In addition, 58% of companies believe that maintaining control of security devices and policies is the number one cyber security challenge for remote working.
There is no doubt that cyber security is a major concern in today’s WFH era. But what are some of the most prevalent threats?
The Rise in Cyber Threats
In the workplace, there are IT departments and personnel to help ensure cyber security for the office. But once those office staff begin working out of home, security risks increase. Here are the top three cyber threats in Singapore:
1. Unsecured Networks
Office networks are likely to have firewalls as the first defence line to block malicious activity. However, remote working employees have to use their home Wi-Fi networks, and it is possible they have not taken any steps to secure it. Home router software updates are often overlooked, with no firewalls set up as well. As such, employees accessing corporate accounts and networks from home poses a huge security risk for companies, as it is a vulnerability that attackers could take advantage of.
2. Working from Personal Devices
Staff might take home company laptops, but many may end up choosing to work off personal computers. smartphones and home printers. While this gives employees flexibility and convenience, their personal devices may not be well-secured, or updated to the latest software. Along with home networks, personal devices are equally prone to being accessed and compromised by cybercriminals.
3. Phishing Attacks
As employees can’t have face-to-face meetings, online communication via email is essential for remote working. As a result, phishing has become a prominent threat. In March to May 2020 alone, phishing URLs that targeted Singapore more than doubled compared to the preceding 3 months. Phishing tactics have become much more sophisticated and harder to detect, thus making unsuspecting employees more susceptible to such attacks.
Best Practices for Organisations
1. Establish Cyber Security Governance & Management
Many cyber security vulnerabilities, such as using personal devices, stem from employee action and behaviour. To address that effectively, it is crucial for management to put in place proper cyber security policies and governance. Start by laying out clear procedures, guidelines, and protocols for employees to follow. It is also vital to ensure compliance with data protection regulations such as the amended Personal Data Protection Act (PDPA) and relevant industry standards such as the MAS Technology Risk Management Guidelines 2021 and ISO 27001.
2. Implement Robust Cyber Security Solutions
Adopting proactive solutions such as Managed PDR, which stands for Managed Protection, Detection, Response and Remediation, can help organisations detect and stop potential cyber breaches early. For small and large businesses in Singapore, having these measures from managed cyber security service providers in place can offer confidence and peace of mind knowing that your company’s cyber security is in safe hands.
3. Train Employees on Cyber Security Awareness
Increasing employee awareness will help address the issue of human error, which is a common cause of many cyber breaches such as phishing. Consider holding regular training sessions to improve your workforce’s knowledge of the latest phishing attack tactics and teach them ways to improve their cyber hygiene. Conducting simulated phishing campaigns can also help to monitor and test your staff’s actual cyber hygiene practices and prepare your employees to respond effectively in a real attack.
Remote working has transformed organisations, with varying cyber risks affecting SMEs and enterprises. To know more about your organisation’s cyber health posture, contact us for a complimentary cyber risk assessment.