LONDON — Nearly three quarters of business decision makers (71 percent) believe that the shift to 100 percent remote working during the COVID-19 crisis has increased the likelihood of a cyber breach, according to new data released by cyber security company Centrify, a leading provider of Identity-Centric privileged access management solutions.

The data, obtained via a poll of 200 senior business decision-makers in large- and medium-sized UK companies conducted by independent polling company Censuswide on behalf of Centrify, also revealed that 46 percent have already noted an increase in phishing attacks since implementing a policy of widespread remote working.

The polling took place on March 26–27, as the UK government announced much stricter lockdown policies to tackle the coronavirus, including urging all employees to work from home where possible.

The research also found that 79 percent of business decision makers have increased their cyber security procedures to manage high volumes of remote access over the next three months. Similarly, 73 percent of businesses have given staff extra training on how to remain cyber-safe when working remotely, with specific training around verifying passwords and log-in credentials.

The survey also noted additional fears that IT systems are at risk, with over half (53 percent) saying they believe that privileged IT admin remote access is at risk of security breach.

Andy Heather, VP, Centrify commented: “Cyber criminals will no doubt attempt to seize the opportunity presented by the all-out expansion of remote workers, many of whom have not been proficiently trained in even the most basic of cyber security measures. Therefore, it is essential that businesses and employees remain vigilant during these challenging times.”

“Organizations of all sizes must prioritise security protocols when transitioning employees from an office to a remote working environment. This includes introducing professional training for all employees on how to operate IT and online infrastructure safely, and how to spot unusual or potentially malicious activity.

“Furthermore, businesses should take an Identity-centric approach to secure remote privileged access, to ensure that any hackers and cyber criminals can not gain access to sensitive systems or data.”

Donal Blaney, MD, Griffin Law, a cyber security specialist legal firm commented: “Ignorance of the law is no defense, even with remote working. Company directors and business owners owe it to themselves, their staff, their shareholders, and their customers to know how to protect their businesses and their customers’ data.

“They will only have themselves to blame if they have ineffective defences. Ensure your systems are secure, train your staff, keep anti-virus programmes, hardware and software current, and clarify the method with which you connect with customers securely.” — SG