By Jon Fielding, managing director EMEA, Apricorn
Human error and apathy still present a major threat to the security of data when employees are working remotely. This is despite valiant efforts from organisations to educate their workforces in cybersecurity risks, and the practices they must follow.
In a recent survey carried out by Apricorn, more than half (57%) of UK IT leaders said they expect remote workers to expose their organisation to the risk of a data breach, up from 44 percent in 2018. More than a third believe their remote workers simply don’t care about security.
For those organisations that had experienced a data breach in the last year, employees unintentionally putting data at risk was the leading cause (33%), followed by lost or misplaced devices – cited by 24% of respondents, a rise from 17 percent a year ago.
These findings highlight a continued and growing ‘insider threat’ that organisations must address. Given the increased numbers of people working remotely due to the COVID-19 outbreak, any weaknesses in the security strategy will be amplified. Increasing volumes of sensitive and confidential data are being accessed from outside the traditional corporate network perimeter, from a combination of work devices and personal devices. And regulations such as GDPR certainly haven’t gone anywhere.
Malicious actors are seeking to take advantage of any chinks in an organisation’s armour – and the human being is often the target. According to research from KnowBe4, for example, phishing email attacks relating to the pandemic rose 600 percent in the first quarter of the year, as hackers sought to profit from disrupted businesses and distracted individuals.
A lack of buy-in
The growing human risk uncovered by Apricorn’s survey suggests that organisations are still struggling to get employees to buy into the security strategy, and that’s a problem which cannot be addressed by IT alone. Different functions of the business – in particular HR, but also communications and the executive team – need to collaborate to ensure a consistent and effective approach to cybersecurity across a highly distributed workforce.
Not only do organisations need to protect their data, but they need to do so while enabling staff to be productive and efficient.
The approach taken must combine the right technology and tools with policy, education and culture change.
Find and address the vulnerabilities
IT first needs to identify exactly where the organisation’s cybersecurity vulnerabilities lie, encompassing both technology and human factors.
This must include an audit of all software to determine whether the latest updates and patches are in place, and a check of all security controls currently applied to on-premise network infrastructure, databases and systems, as well as any parts of the IT estate that run in the cloud. Any gaps where infrastructure, hardware or software are exposed to a breach must be immediately addressed.
In addition to technology, weaknesses in security policies, procedures and processes must also be addressed, particularly those that cover remote working and employees’ use of their own devices for business purposes. IT, HR and the internal comms team should work together to update policies and create new ones where appropriate, setting out clearly how employees are expected to behave, the best practice protocols they must apply, and the devices they’re allowed to use and how.
Strict policies around the use of removable media such as USBs and hard drives are also essential.
All policies then need to be communicated effectively to the entire workforce, in a way that ensures they understand what they must do differently and how to comply. An effective education programme is essential, which again demands collaboration with HR and comms teams.
Build a culture of accountability
Nearly two thirds (63%) of respondents to Apricorn’s survey said their remote workers are willing to comply with security measures, but don’t have the necessary skills to do so. Comprehensive training programmes must be designed and rolled out to all employees, including temps, contractors, part-timers and senior executives. These should be both informative and engaging in order to secure buy-in.
In addition to being trained in good cybersecurity practice, to build a security-focused culture employees should be educated in the specific risks and legislation that apply to the organisation, why certain requirements are in place, and the consequences of failing to follow procedure.
More than ever before, protecting data from loss or theft is everyone’s responsibility, and senior teams must lead by example, modelling best practice behaviour. They should be involved in communicating key messages directly to employees, perhaps via video.
The risk of human error will always remain, and enforcing policies is a challenge when the workforce is so dispersed. To mitigate this risk, IT should implement a safety net of technical controls that will protect data if employees make mistakes or decide to cut corners.
Strengthen endpoint controls
Securing the endpoint will protect data and systems wherever the employee is working, and whatever device they use, allowing the organisation to have complete confidence in the integrity of its information.
This can be done through, for instance, only allowing remote workers to use devices that have been provisioned or approved by corporate IT, and putting in place a policy that requires hardware encryption of all data as standard – whether it’s being stored or is on the move. Encryption creates the all-important ‘last line of defence’ which will keep information safe whatever else is happening around it.
One way to guarantee that remote employees work in the best and safest way is to provide highly secure portable hard drives and USBs with in-built encryption capability. All data is automatically hardware encrypted as the user uploads it, so that if the device does end up in the wrong hands the information on it will be inaccessible.
IT can also use such USB devices to roll out a secure remote working environment to the entire workforce, by loading them with the corporate ‘desktop’, featuring all standard applications, operating systems, configurations and security settings. Employees simply boot this up on whatever computer they’re using, and work within a trusted environment that has the same approved settings and controls they would get in the office.
Tightening up access control will also mitigate the insider threat. Establish who has permission to access each data set and each corporate application. What devices are they using for this purpose? Do they really need to be able to access everything? Next, restrict employees’ access to systems and databases according to ‘least privilege’ principles, and implement a privileged access management (PAM) solution.
A long-term solution
This current situation is likely to trigger a more sustained shift to hybrid office/home working models for many organisations. Collaborating across departments to facilitate secure and productive remote working should therefore be seen as a long-term approach.
Increased collaboration will help to equip employees with everything they need to access their work data and systems seamlessly and securely from wherever they’re working, while ensuring that their need for productivity and flexibility is not compromised.
The outcome will be an engaged and committed workforce, made up of individuals who use the right tools in the right way, and take personal responsibility for protecting corporate data when they are out of the office.
Tech talent visa sees 48% increase in applications over one year as global founders look to the UK
- Demand for Global Talent Visa applications has increased over two consecutive years since 2018 – up 45% and 48% respectively
- Demand is expected to increase from 2021as, from January, the Tech Nation Visa will be opening up applications to exceptional tech talent from the EU hoping to work in the UK
- 52% of those endorsed for the Tech Nation Global Talent Visa are employees, while 28% of those endorsed are tech founders
- App & software development, AI & machine learning,and fintech are the most common sectors for visa holders. Most endorsed applications come from India, the US and Nigeria
- 41% of Global Talent Visa applicantschose to reside outside of London to work in the UK’s strong regional tech hubs
Today, Tech Nation, the growth platform for tech companies and leaders, launches a new report, which reveals changes in the international talent landscape and growing interest in the Global Talent Visa.
The Tech Nation Global Talent Visa
As the race for global tech talent heats up, many countries have been making their pitch to attract the best and brightest tech talent to grow their tech industries and create jobs. The Global Talent Visa, for which Tech Nation is the official endorsing body for Digital Technology, plays a key role in enabling international tech talent to contribute to the UK economy and to the growth of high priority sectors such as AI and Cyber.
The visa has seen applications increase significantly over the past two years, with 45% and 48% increases respectively. Since November 2018, the Tech Nation Global Talent Visa has received 1,975 applications and endorsed 920 visas from over 50 countries worldwide. Demand is expected to increase in 2021 with the EU coming into the route.
52% of those endorsed for the Tech Nation Global Talent Visa since 2014 are employees at some of the UK’s leading tech firms, helping to fill existing talent gaps, while 28% are tech founders bringing ideas, talent and capital into the UK’s fast growing tech sector. In 2020, the visa enabled 421 founders to set up business in the UK, up from 400 in 2019.
This global talent is distributed right across the UK. 41% of endorsed applicants for the visa are based outside of London, working in the UK’s strong regional tech hubs. App & software development, AI & machine learning, and fintech are the most popular sector destinations for visa holders, reflecting growth in those tech sub-sectors. India, the US, and Nigeria are the top three countries from which exceptional talent has come into the UK with the Tech Nation visa.
A surge in demand and interest
Labour markets around the world and in the UK have undergone profound shifts in 2020. The data released today shows that there has been a 200% increase in the volume of users in the UK searching online for terms explicitly related to ‘UK tech visas’ between April and September 20201. This surge in interest to work in the UK’s digital tech sector is reflected globally too, with a 100% increase in users internationally searching for these terms in countries like the US and India.
Digital tech roles remain in high demand in the UK. Cyber skills are becoming increasingly important within the UK, particularly in regions such as Wales and the East and West Midlands where there has been a huge increase in demand between 2017 and 2019 (351%, 140%, and 86% respectively). Demand for AI skills has increased by 111% from 2017 to 2019, with Northern Ireland and Wales seeing the greatest increases in demand – 418% and 200% respectively.
Minister for Digital and Culture Caroline Dinenage said: “It’s no surprise the UK’s world-beating technology sector appeals to international talent. Our dynamic companies reflect the UK’s long-standing reputation for innovation and are renowned on the global stage. We are open to the brightest and the best talent, and this visa scheme makes it easier for companies across the country to recruit the talent they need to grow.”
Stephen Kelly, Chair of Tech Nation, comments: “The UK is a global talent magnet for Tech founders. The UK provides rich opportunities for entrepreneurs to set up, flourish and scale a business. The Global Talent Visa is crucial to making this process easy and accessible. Tech Nation’s Visa Report shows that, despite the pandemic, international interest to work in the UK tech sector has never been higher. Attracting tomorrow’s tech leaders to the UK is crucial to the continued growth of the sector, the UK’s place in the world, and driving the nation through recovery to growth in the digital age.”
Trecilla Lobo, SVP, People at BenevolentAI and Tech Nation Board Director, said: “The UK tech ecosystem continues to contribute to the creation of jobs and to innovative products and services. The Tech Nation Visa enables the UK tech sector to maintain its competitive advantage by attracting the best talent in specialist skills in tech, research and AI and a more globally diverse perspective to help us innovate and create amazing products and services. As an immigrant to the UK in my late teens, the UK visa scheme has enabled me to bring my experience, expertise and contribute to the people agenda for tech scale-ups in the UK, and helped me build a successful career in tech. I am really excited that the Tech Nation Visa will open opportunities and streamline the visa process for future global tech talent.”
Hao Zheng, Co-founder & CEO at RoboK, based in Cambridge and Newcastle, said: “I decided to work in UK tech because of the well-established ecosystem, world-class research and innovation and the high-level of experience that is extremely valuable for startup technology companies.”
Congcong Wang, Head of Operations at TusPark, based in Cambridge, said: “The UK is a world leading innovation hub, particularly in the fields of AI and Healthcare. Its environment fosters young talent, breeds disruptive innovation and creates amazing companies. Also, the culture of the UK is nurturing and tolerant for innovation, as it is considered a “safe place” for those inspired to take on the more risky route of entrepreneurship.”
Sumit Janmejai, Data-Driven Cybersecurity Professional at Capgemini, based in London said: “Having studied in the UK and worked with UK professionals, I could appreciate the fact that the UK is fast becoming the center of innovation, research and development in the Tech Industry. Besides that, the country offers an excellent life, welcoming culture, and a safe environment. It was an easy choice.”
Are bots eating your Facebook budget?
By Mike Townend, founding CMO of Beaconsoft Ltd
In an increasingly digitised world, social media has arguably become the most powerful and influential tool at the disposal of businesses, both large and small.
With more than 3.6 billion active social media users worldwide today, it is no surprise that many companies view it as an unparalleled means of marketing their products and services to new and otherwise unreachable audiences, as well as an opportunity to better understand consumer demand and habits.
Facebook is often regarded as one of the very best social media platforms for marketers – not least because of its targeted digital advertising service – but many firms using it may not realise just how much of their budget could be being wasted due to ad fraud.
Numerous studies suggest digital ad fraud affects between 10% and 60% of all types of digital advertising, with businesses of every size falling prey to so-called ‘bots’ – automated programs used by scammers to undercut deals, divert visitors or steal clicks.
But how do bots work, how might they be affecting businesses’ Facebook budgets, data and analytics, and what can be done to combat them?
How do bots work?
A report published by security firm Imperva found that bots – both good and bad – are responsible for 52% of all web traffic, while a separate study by White Ops concluded that as much as 20% of websites that serve ads are visited exclusively by fraudulent click bots.
In simple terms, a click bot is specially designed to carry out click fraud – in other words, the bot poses as a legitimate visitor to a webpage and automatically clicks on pay-per-click [PPC] ads, buttons or other types of hyperlinks.
Their purpose is to trick a platform or service – in this case, Facebook – into believing that real users are interacting with the webpage, app or ad in question.
Usually, bots will not just click a link once; they will click it over and over again to give the impression that the webpage is receiving a high level of traffic.
Why is this a problem?
The presence of click bots on Facebook is particularly problematic because they can effectively drain a business’ online marketing budget without many of its targeted ads reaching real users who might have a genuine interest.
There are a number of reasons why click fraud could be used – for example, competitors may employ a ‘click farm’ – a group of low-paid workers or bots hired to click on paid advertising links – or organised criminals may have found a way to profit from clicking on a business’ links.
In other cases, apps and software are created to collect the payout for a company’s ads, often with the help of bots.
Considering the average cost per click in the UK is £0.78, according to Hubspot, with some ad campaigns for popular key phrases running at £10 per click, or even more, it is clear to see how easily this could mount up if a firm’s budget were to be hijacked by scammers.
How might bots affect data and analytics?
Negative click bots have the potential to produce skewed analytics from Facebook advertising campaigns.
Because many businesses are unable to distinguish between fake clicks and legitimate ones, the data that they collect can lead to false conclusions and decisions that could have a detrimental impact on the business. For example, firms may choose to overspend or under-invest on a campaign based on findings that are substantially erroneous.
Businesses must be confident that they are making sound decisions that are informed by reliable data and analytics – and fortunately, there is a way that they can do this.
Taking the fight to the bots
There are a number of methods that firms can use to identify bot clicks, some more straightforward than others.
Frequently checking Facebook analytics for irregularities in traffic that could be attributable to bots can make this task considerably easier.
Specific things to monitor include the average number of page views, the average session time, and the source of referrer traffic – if there are any glaring anomalies in the data, bots could be the source.
Big spikes in page views caused by a higher number of visits than usual can also be indicative of bot activity and are especially dangerous given their propensity to slow down the page for genuine visitors.
Once malicious traffic has been identified, steps can then be taken in blocking it at source, although this is not a simple process and requires technical knowledge and know-how.
After removing negative click bots, companies can take comfort in knowing they are optimising their campaigns by gaining accurate insights that help to increase efficiency, lower the cost per visit, and improve return on investment.
Defeating the bots that are impairing a business’ performance on Facebook is by no means easy, and it requires time and effort to keep malicious traffic under constant surveillance.
Having experts on your side who are well versed in identifying and removing instances of click fraud can help to turn the tide in the battle against bots and ultimately allow a company to make big savings on its advertising spend.
Firms not only owe it to themselves, but to their customers also, to knock these harmful and disruptive programs offline for good.
Advanced Acquiring: How can omnichannel merchants optimise all payment needs through one provider?
By Marc Docherty, Head of UK Acquiring / Large – Strategic Business, Ingenico, a Worldline brand
Today’s consumers are constantly moving, buying across multiple touchpoints, devices and channels, thus driving significantly greater transactional volume. Against this backdrop, in order to capture and harness the market potential, omnichannel remains an essential strategy for merchants while conducting business operations.
Driven by consumer demands regarding a richer, more personalised and seamless buying journey, ease of use and frictionless transactions have always defined the terms for omnichannel success. However unsurprisingly, payments processing is not always at the forefront of merchants’ minds, hence, more often than not, businesses find it difficult to capture the fundamental importance of a seamless experience.
As a result, they risk not only alienating and losing customers and leaving revenue on the table, but also inefficient management of their costs by missing important savings on acquiring fees. It is therefore prudent for businesses to consider how best they can provide a frictionless experience if they want to remain competitive and ensure conversions in this increasingly fast-paced world.
Understanding how payments processing works
Innovation and efficiency in payment processing is often focused on the transaction itself, helping merchants conduct sales and process payments faster and through more convenient platforms, such as online and mobile. All these transactions, irrespective of the channel used or their value, might take only seconds to complete, however behind the scenes there are many different industry players (including an acquirer, an issuer, the payment gateway, the card network and the merchant), working together towards the same goal: making sure the payment process is flawless, secure and fast.
In theory, the payment should pass from each party without the customer ever noticing, however with a multitude of different providers at each stage, this process can be prone to errors or extra time added to the transaction, leaving shoppers with a disappointing payments experience hence less likely to return for another sale.
Much the same as their consumer counterparts, merchants also appreciate seamless experiences, frictionless integration and having everything in one place. They want to focus on their core business without any restrictions or having to worry about declines, chargebacks or interchange fees. As such, consolidating all this information in a single, comprehensive view will be a key asset for merchants, providing them with full visibility over their processes.
Offering the most relevant payment methods at the checkout is key
Local and alternative payment methods have enormous potential to drive greater value to merchants not only by expanding reach but also by strengthening the merchant – customer relationship. According to findings from a recent Capgemini report, online retail growth, coupled with the rapid adoption of transparent payment experiences and alternative payment methods will continue to drive non-cash transaction momentum, which is expected to reach 1.1 trillion by 2023.
Yet, while accepting a wide but relevant range of payment options at checkout will drive shopping enthusiasm and maintain consumer loyalty, this can add different complexity levels to the checkout process, depending on several factors, including performance, security, design, the merchant’s business size and geographical reach. Add targeted marketing programmes, product development and delivery strategies, return policies, risk and fraud management to the priorities list for merchants and surviving the long road ahead might easily become daunting.
That’s why, instead of trying to do it all by themselves, merchants should make it a top priority to partner with a competitive acquiring provider who can do this for them, ensuring the balancing act between security, flexibility, frictionless payments and speed.
By working with a partner that is acquirer agnostic and understands both business requirements and the importance of providing operational excellence, merchants can benefit from cost savings for each transaction with the different payment methods they offer. Furthermore, by working with a single acquirer better reconciliation for merchants will be achieved, thus ensuring faster payouts.
A full-service solution to rule them all
With coverage and expertise in over 120 countries, we are perfectly placed to assist businesses in delivering their expansion strategy in their home market or across borders. Our Advanced Acquiring full-service solution is a modular offering that addresses merchants’ needs for a more unified experience, including acceptance, payment gateway and acquiring.
What better way to expand geographical reach and boost revenues than by offering the most relevant payment methods for your target markets, while at the same time improving cash management with some of the fastest payouts on the market and keeping track of transactions and settlements into one unified omnichannel reporting solution which covers all your payments needs?
Tech talent visa sees 48% increase in applications over one year as global founders look to the UK
Demand for Global Talent Visa applications has increased over two consecutive years since 2018 – up 45% and 48% respectively Demand is...
New digital first bank – Monument – announces its key technology providers
Monument selects Mambu, Salesforce, Amazon Web Services, Persistent Systems and Accenture as key providers for its technology build Monument is...
COVID-19 and PCL property – a market on the rise?
By Alpa Bhakta, CEO of Butterfield Mortgages Limited Over the last five years, demand for prime central London (PCL) property...
Are bots eating your Facebook budget?
By Mike Townend, founding CMO of Beaconsoft Ltd In an increasingly digitised world, social media has arguably become the most...
The Hidden Costs of International E-commerce
By Gavan Smythe, Managing Director, iCompareFX Taking a business globally can be an attractive prospect, potentially targeting markets with fewer competitors, taking...
Digital Euro Could Spur Major Breakthrough Towards More Liberal EU Payments Market, Expert Says
The recent talks about a possible digital version of euro have raised discussions throughout the industry. According to Marius Galdikas,...
Advanced Acquiring: How can omnichannel merchants optimise all payment needs through one provider?
By Marc Docherty, Head of UK Acquiring / Large – Strategic Business, Ingenico, a Worldline brand Today’s consumers are constantly moving,...
UKRSIBBANK, part of BNP Paribas Group, announces a strategic partnership with financial wellbeing startup Dreams, to enhance the digital user experience of its 2 million customers in Ukraine
The technology powering popular consumer app, Dreams – which has helped 460,000 users save over 440M EUR – will be...
Study: 1 in 10 fintechs’ main priority for 2021 is survival
FinTech Connect reveals that many fintechs simply want to survive the next year 44% of fintechs are focused on optimising...
Motivate Your Management Team
A management team, typically a group of people at the top level of management in an organization, is a team...