by Mark Conway
Today’s businesses face an unprecedented cybersecurity challenge. They must keep their networks free from threat but do so without impacting the user experience. To add to this, the benefits they see through adopting a more flexible, mobile workforce actually go hand in hand with the need to mitigate auxiliary risk. Despite the mounting hurdles, however, some of the most responsible corporate citizens refuse to be stopped in their tracks. They recognise the gains afforded through corporate cyber awareness and chose to support their employees away from work and into the home.
It’s in this regard that Trend Micro was invited to the headquarter’s of National Lottery operator Camelot Group. Our brief was simple. Discuss security practices outside of the office and provide guidance on achieving a healthier cyber environment for themselves, their children and their families.
It’s a model we hope will be replicated with other organisations moving forward.
On the frontline
Staff are at the frontline when it comes to facing down cyber-attacks. Trend Micro alone blocked over 66.4 billion threats last year, of which 631 million were ransomware related. The attacks are everywhere; in the home, in the office, aimed at the individual and aimed at the corporations.
Info-stealing malware, ransomware and business email compromise are just some of the ways in which an attack can manifest. However, businesses should take heed of Verizon’s statistic associating 43% of 2017 breaches with phishing. What this really means is that staff action (or inaction) is playing an ever increasing role in preventing the next data leakage headline.
BYOD and mobile/remote working has brought about a focus on watertight policies and security awareness training in the workplace. But what about at home? Without further security consideration any device an employee uses, that isn’t properly secured, poses a threat to the corporate network if it is ever introduced/reintroduced to the network. Also safe behaviour is safe behaviour wherever its conducted, right?
Even if an organisation isn’t impacted directly, poor home user security has the potential to impact a business community in other ways. For instance, if a user’s personal smart device was to be hijacked and conscripted into a DDoS or crypto-mining botnet, this by its very nature, could be used in an attack on that organisation’s business partners. The consequences of this fallout speak for themselves.
So, more than ever before, it has become crucial that both device and behaviour are afforded corporate security attention.
The Camelot model
That’s why it’s great to see Camelot taking the initiative. The firm already offers comprehensive cybersecurity training in the workplace. But it has made a laudable and proactive decision to extend that security outside of the “9 to 5”. It’s most recent move is to offer a copy of Trend Micro’s Maximum Security home user product to anyone in its user community who requests it.
Even better still, the management team got in touch with us to arrange a training session based on encouraging a more secure online environment for their users and their families.
Through a series of meetings with the security and compliance team at Camelot UK, Trend Micro agreed to present complimentary training alongside suggested follow-on activities for staff. The latter to be integrated into their daily routines.
Our experts then presented to around 80 Camelot employees, sharing their experiences on internet safety management, the threat landscape for family members and how employees could take key messages out to their local communities and proliferate the training concepts further still.
Our slide content and notes will help the firm in training their entire user base around the world. Camelot employees even expressed an interest in arranging an additional session at which older kids could present to younger children on good internet safety.
This is a great initiative by Camelot and one we hope will provide a model for many more companies to come. Organisations don’t operate in a vacuum. Every employee is a home user, with an extended network of family and friends. So arming them with the right tools and awareness to stay safe outside the office will not only help to mitigate risk for the company, but also assist in making the internet a safer place for all.