Mobile ransomware attacks have risen by a staggering 250% this year, with 40% of businesses experiencing an attack in the last 12 months according to research from Kaspersky.
From Petya to Wannacry, the UK has experienced a huge influx in attacks, forcing companies to re-think their attitude towards cybersecurity.
While companies tend to view IT departments as the first port of call for cybersecurity, there are a number of actions that HR directors can take to ensure that their staff are safe and well protected says Isaac Daniel, the CEO and founder of Macate.
Speaking to HR Grapevine, Daniel advises that there are initiatives a HR team can introduce to ensure the company and employers are properly educated on cybersecurity. They have been listed below:
Host companywide seminars on cybersecurity
“While news of these cyberattacks make national headlines, the average person’s knowledge on the subject matter is minimal, so it is important that you educate your employees on the implications their actions can have on the security of the business,” Daniel explains. “Research from the UK’s Information Commissioner’s Office revealed that the most common type of data breach occurs when someone sends data to the wrong person – a seemingly harmless mistake. By hosting regular discussions on the subject, you can remind employees of the potential risks involved when handling data and how they can make simple, but effective changes to their business practice.”
Introduce BYOD policies
Bringing your own device (BYOD) has become extremely popular amongst companies in recent years, but having hundreds of different handsets sharing important company information can be a logistical nightmare.
Combine this with the new General Data Protection Regulation (GDPR), which can leave firms facing fines of up to $20million, BYOD can pose a real threat.
However, this threat can be contained through effective policies, Daniel reassures. “The HR team should check that the correct insurance policy has been taking out on the devices to help protect themselves against the financial risk associated with a data breach and encourage employees to use specific software to ensure that sensitive data is shared correctly. Secure messenger platforms, such as Whatsapp and Netme, can allow employees to communicate securely out of office, and there are now apps, such as Cypeers, which can add another level of encryption to email providers.”
Introduce companywide device standards
Some companies have chosen to revoke their BYOD policies considering the recent cyberattacks, choosing instead to introduce one standard company phone, which comes with a high level of security. These few steps can help alleviate the pressure on a company’s IT department, and raise the awareness of the danger cyberthreats pose.
“It is important that every member of a business understands how they can individually help protect the data and information they handle, and having clear policies is a great step towards achieving this,” Daniel concludes.