Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Technology

Security culture and resilience – not technology – will make ‘hybrid working’ a success
Security culture and resilience – not technology – will make ‘hybrid working’ a success

Published : , on

By Jon Fielding, managing director EMEA, Apricorn

As people start migrating back to the office, organisations must facilitate yet another major shift in working practices, sustaining productivity and business continuity while keeping critical data and systems protected. Many employees are likely to combine remote and site-based working for some time, even adopting this ‘hybrid’ approach as a permanent model.

Remote workers continue to pose a major threat to data security, according to Apricorn’s latest survey of UK IT leaders, with more than half predicting they will expose their organisation to the risk of a data breach. Over a third admit their remote workers have already knowingly put corporate data at risk in the last year. As the line between home and office becomes blurred, and employees access networks and systems from a mix of devices and locations, organisations will be exposed to more risk.

Putting the right technology solutions in place to enable new efficient and flexible working models, while ensuring the business remains compliant with regulations, is of course essential. However, those that become too fixated on the tools will leave themselves vulnerable to data breaches unless they also pay attention to two key principles: building a culture of individual responsibility, and strengthening their cyber resilience.

Building engagement and accountability

For hybrid working to be successful, all employees must follow information security best practice, and comply with regulations such as GDPR. It will be up to each and every employee to safeguard the company’s security posture by protecting data and being vigilant about threats.

There’s currently a question mark over whether they’re ready to take on this responsibility. More than a quarter of the organisations surveyed by Apricorn believe their remote workers simply “don’t care” about security, which indicates an alarming lack of engagement.

Companies in the finance sector must urgently improve awareness of the specific security risks the business faces, and build knowledge of how to control them. This should involve delivering cybersecurity awareness education, alongside ongoing training – and programmes should include freelancers and other third-party contractors. The approach will need to be rethought, perhaps combining interactive video sessions with short and frequent on-demand ‘bursts’ that keep knowledge fresh.

It’s important that education programmes cover basic security hygiene; many security breaches are down to something as simple as choosing a weak password or clicking on a link from an untrusted source. Employees should be clearly and directly briefed on the company’s security policies, as well as the regulations the organisation is required to adhere to. They also need to be trained in which tools, devices and technologies they’re permitted to use to do their work, and how to implement them safely.

This practical stuff is vital – but to build a culture of cybersecurity best practice deeper employee engagement is required. Education programmes must therefore explain the ‘why’, as well as the ‘what’ and ‘how’: the reasons data protection is important, and the specific risks and consequences to the business of a breach. This context will help to increase accountability and ownership.

Strengthening cyber resilience

We’re all now acutely aware that no organisation is immune to effects of a crisis – whether it’s a pandemic or a data breach. Strengthening cyber resilience is all about being better positioned to prepare for, respond to and recover quickly following an incident. It’s important that organisations shift their focus away from trying to achieve ‘complete security’ to ensuring they have all their ducks in the row if something should occur.

Hybrid working will expand the threat surface, as staff access networks, systems and databases from multiple locations, using a mix of business and personal devices. Organisations are increasingly turning towards the company-wide encryption of data as a straightforward way of managing risk in this complex new working environment.

Encryption is specifically recommended by Article 32 of GDPR as a method to protect personal data, while Article 34 removes the obligation for companies that experience a data breach to inform each individual affected if encryption has been applied. Article 83 suggests that fines will be moderated if a company can show it has been responsible and mitigated damage suffered by data subjects. In short, encryption will give organisations the ability to demonstrate transparency and due diligence.

By providing employees with removable USBs and hard drives that automatically encrypt all data written to them, companies can give everyone the capability to securely store data offline, and move it between office and home safely. The data will be intelligible to anyone not authorised to access it, so whatever happens around the device the information on it will be secure. These devices can also be used to back up data locally, mitigating the risk of targeting in the cloud, and helping the business to get up and running again fast following a breach or other disruptive event.

We expect cyber-attacks will continue to rise through 2021, as hackers take advantage of people once again getting to grips with a new way of working – in particular ransomware, malware and phishing. Building a culture of security awareness and individual accountability, and combining this with improved resilience, will put organisations in the banking and finance sector in the strongest position to weather whatever storms are coming their way.

Uma Rajagopal has been managing the posting of content for multiple platforms since 2021, including Global Banking & Finance Review, Asset Digest, Biz Dispatch, Blockchain Tribune, Business Express, Brands Journal, Companies Digest, Economy Standard, Entrepreneur Tribune, Finance Digest, Fintech Herald, Global Islamic Finance Magazine, International Releases, Online World News, Luxury Adviser, Palmbay Herald, Startup Observer, Technology Dispatch, Trading Herald, and Wealth Tribune. Her role ensures that content is published accurately and efficiently across these diverse publications.

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: . You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post