Companies should commit to employees’ well-being to boost cybersecurity during pandemic

Regardless of a company’s product or service, nothing comes close to employees as the organization’s most valuable asset in bringing in revenue. In the same breath, it’s also the employees that are the perennial apple of the eyes of cybercriminals to help them bring home the bacon. Exploiting human weaknesses like inattention, ignorance or negligence has proved to be easier and cheaper than trying to fool sophisticated protection software.

Company size and industry doesn’t even matter — cyber attacks are usually productive leaving business owners hurting with losses. To manage the damaging effects of a single data breach, a small to medium business (SMB) spends an average of $101,000 (5.050 million pesos) while an enterprise company shells out a whopping $1.057 million (52.850 million pesos), according to the most up to date Kaspersky data.

“Historically, the human factor has been the organization’s weakest link in any cybersecurity incident. And regardless of how advanced your security technology is — just one careless or clueless move by an employee will put the whole organization at risk. But today’s working environment as impacted by COVID-19 may potentially up the ante as far as cybersecurity risks are concerned,” said Mary Grace Sotayco, Kaspersky territory manager for the Philippines.

Companies should commit to employees’ wellbeing to boost cybersecurity during pandemic [Kaspersky photo]
Companies should commit to employees’ wellbeing to boost cybersecurity during pandemic [Kaspersky photo]

According to the cybersecurity company, working remotely means companies have less control over IT security such as in situations when employees are not issued corporate devices. In the Philippines, the bring-your-own device (BYOD) approach is pervasive within the small and medium sector due to cost issues.

With the pandemic, Kaspersky said it’s business as usual for cybercriminals who are also working from home. These nefarious groups have been active since the second quarter of this year as brute-force attacks on database servers were monitored to have increased by 23%, malicious files planted on websites were up by 8%, and network attacks and phishing rose.

But a bigger threat to any businesses during this period is not the lack or insufficient technical cybersecurity know-how of its employees but their wellbeing.

A recent survey on the mental health of remotely working Filipino employees during quarantine revealed that adjusting to the new normal and isolation are leaving employees stressed, anxious, and depressed.

The cybersecurity company said despite being considered the weakest link, businesses can start looking at their employees as their first line of defense instead to bolster their defenses. Kaspersky says it’s possible for business owners to achieve this by prioritizing their employees’s wellbeing immediately.

“We have always advocated for businesses to provide technical support to their entire organization. But we’re currently in a different situation and the logical step forward is to ensure that work-from-home teams are not only supported in their technical knowledge on security but are also assisted in terms of their wellbeing. When employees remain calm and collected, work-related human error is significantly minimized. We strongly recommend organizations to pay extra attention to their staff’s mental health to boost their team’s resilience at this time,” added Sotayco.

While breaches are unavoidable, its impacts can be kept to a minimum. Kaspersky offers the following tips for businesses during these times:

  1. Keep communication lines open, communicate more and sincerely. 

Your people will need and appreciate your transparency. In case a crisis strikes, make sure they get information first from you than from external sources. 

  1. Provide employees with an emergency preparedness plan early on

This will empower the people and will help lessen their possible panic and stress over the incident. A recent Kaspersky report revealed that almost half of employees don’t know how to respond to ransomware attacks. Another study from the cybersecurity company revealed nearly three-quarters (73%) of workers say they have not had any additional IT security awareness training after they switched to working from home full-time.

  1. Equip WFH employees with protection solutions for their devices. 

In the Philippines, Kaspersky has an ongoing limited offer for enterprises which will allow their employees to have internet protection software at discounted pricing. Most SMBs would benefit from this since the BYOD practice has been worrisome for 48% of businesses because they acknowledge that devices are shared for personal and work use. This is a particular concern for 57% of small businesses. 

In a study conducted by Kaspersky in April 2020, it showed that only a third (32%) of businesses have provided their employees with antivirus software to use on personal devices for work purposes since the transition began. While 86% of respondents say they have antivirus software installed on their personal computers, there is now more responsibility on employers to offer the right protection solutions. 

Additionally, just half (53%) of workers say they are using a VPN to access their employer’s network when working from home. This could potentially be leaving corporate information and files vulnerable to cyberattacks, or accessible to people outside of the business. 

  1. Put in place a good workload management. 

Against the backdrop of this global crisis, most employees these days identify burnout as their biggest stressor, according to professional feedback platform blind. The study cited the following reasons as reasons for burnout: no separation between work (27%), unmanageable workload (20.5%) and job security concerns (19%). 

  1. Provide psychological and social support. 

When your staff feel they’re being supported enough by the company, this validates their contributions and their performance is enhanced. In an article by the World Health Organization, Switzerland-based neurologist Dr. Konstantinos Petsanis says that stress behavior in general brings a lot of problems. He affirms that if mental health needs are addressed as soon as possible, there will be fewer work-related errors and issues and there will be less stress and panic among the staff. 

Kaspersky, through its local distributor iSecure Networks, recently launched its Enterprise Employee Discount Program which allows its existing partners nationwide to avail of up to 45.15% off on its premium security solutions.

Under the exclusive promo, the 2-year, 5-device Kaspersky Internet Security license, which regularly costs P3080 is now offered for just P2150 or just P25 per month. Meanwhile the 1-year, single-device Kaspersky Total Security is priced from P1390 to only P800, or a savings of 42%.

Kaspersky partners interested to avail of the promo may get in touch with Shiela Borja, marketing communications officer at iSecure Networks at 09269593725 or through their Facebook page at iSecureNetworksInc.