Jessica joined RWA in 2018, having graduated with a First Class Honours degree in Film Studies. Her role as a content designer involves developing new and engaging e-learning modules as well as assisting in the creation of articles for Insight.
Cyber Risks: Staying Vigilant over Weekends and Bank Holidays
The Easter holidays have drawn to a close, the last of the easter eggs have been eaten, and while the current British weather has not been great, many of us are already looking forward to sunny days at the beach or even planning a get-together with friends and family for the Coronation of Charles III. But while some of us are planning ahead for what to do during our time off, cyber criminals are also doing some planning of their own, waiting for the opportune moment to strike.
Cyber-attacks are more likely to occur during the weekends or on bank holidays according to a global study from cybersecurity consultancy Cybereason. Firms become more vulnerable to exposures due to having less staff to provide cover during these time periods. Staff who are feeling stressed and close to burnout on the lead up to time off may also unwittingly cause risk while trying to quickly tie-up any loose ends before signing off.
Attacks such as ransomware that occur on a weekend or bank holiday can also take longer to mitigate and recover from. 35% of respondents stated that ransomware attacks that occurred during these times made it harder to assemble the right team to respond to the threat, whilst a further 86% revealed that they had to put their holiday plans on hold as a result of a cyber-attack. The longer it takes to respond, the greater the financial and legal repercussions, not to mention severe reputational damage.
Cyber risks do not take a break over bank holidays and weekends, so it is important to remain vigilant during these periods.
Methods to improve cyber security over during bank holidays and weekends include:
- Practice good security hygiene: Firms should have a monitoring system in place that can detect any suspicious activity on their networks. This system should be set up to send alerts to the appropriate staff members in case of any incidents. Ensure that operating systems as well as security and other general use programmes are regularly updated and patched.
- Conduct regular vulnerability assessments: Firms should conduct regular vulnerability assessments to identify potential weaknesses in their systems. This will help them to take proactive measures to prevent cyber-attacks.
- Have a contingency plan in place: Firms should have a plan in place that outlines the steps to be taken in the event of a cyber-attack. This response plan should include procedures for isolating affected systems, notifying relevant parties, and restoring services.
- Utilise multi-factor authentication: Firms should implement multi-factor authentication measures to ensure that only authorised users have access to sensitive data and systems and that they can be reached in the event of a threat. Where possible, key accounts should be temporarily locked down over holidays and weekends.
- Encouraging staff training and awareness: human error is one of the biggest problems for cyber security. Firms should ensure that all staff members are trained on cyber security best practices. Scenario-based training, such as how to recognise a phishing email or reporting suspicious activity can help staff identify and mitigate a cyber threat. By increasing knowledge and understanding, it can help foster a culture of cyber security awareness and increase resilience.
Everyone deserves to enjoy their time off without the stress of coming back to a cyber-attack. By having the right procedures in place and staying vigilant, both you and your staff can take the time to enjoy the upcoming bank holidays in peace.
Last month, we covered some of the biggest threats to cyber security. To refresh your memory, you can read the article here.
Users of the Development Zone can also access a range of curated modules covering Cyber Risks and Data Security through our Content Catalogue. For those not currently using the system, you can find out more and request a free 14-day trial here: https://mydevelopment.zone/#getStarted