Cyber security and your business: What to look out for in 2021
We spoke to Suhail Ansari, Senior Vice President, Consumer Engineering and Operations at leading security firm and O2 partner, McAfee. He guides us through some of the biggest threats to business security in 2021.
2020 was the year many businesses had to go digital. It was also a year when crime went digital too. Suhail Ansari highlights how 2020 re-shaped the cyber security landscape and the security issues businesses need to pay attention to in 2021.
Staying safe while working from home
According to McAfee monitoring, there was a 22% increase in the number of connected home devices globally from the start of the pandemic to January 2021. With more people using connected devices at home, cyber-criminals have been granted access to personal information that could affect employers.
“Remote employees are more likely to use personal devices while working and log onto home networks that aren’t fully secured. What’s more, many of the systems behind consumer networks haven’t had their passwords changed from the default settings since it was first introduced into the home,” Suhail explains.
There are ways to protect business information at home:
- Ask all employees to update their device passwords
- Add a security solution that protects your people’s devices
- Invest in a virtual private network (VPN) that’ll encrypt data if someone connects to a malicious wifi network
Mobile payment scams
Contactless payments have quickly become the norm. Mobile payment apps make transactions quick, simple and traceable. But they’re also making our money more vulnerable than ever.
Suhail predicts an increase in ‘receive-based exploits’ in 2021. “Imagine getting an email saying you’re receiving a refund for a concert that was cancelled due to COVID-19,” he explains. “The email instructs you to click on the URL in the message, fill in your bank information, and ‘accept the refund.’ But instead of getting your money back, you find that you’ve handed over your financial data to scammers.”
The best way to protect your people and your business? Get anyone who receives a link like this one in Suhail’s example to hover over the URL. This shows a link preview. Keep your eyes peeled for any grammatical errors or typos – as it’s a sure sign of phishing. If the URL doesn’t look right, tell your people to not click on the link, report the message, and then delete it.
“Qshing” or QR code abuse
QR codes came back in a big way in 2020. With businesses using them to interact with customers while following social distancing guidance. However, while some safe QR codes were introduced to support our wellbeing, others may also put people’s data at risk.
“QR codes provide scammers with a new avenue for disguising themselves as legitimate businesses and spreading malicious links. Scammers are quick to exploit popular or new technology and QR codes are no different. McAfee predicts that this type of cyber-crime will only increase during 2021,” explains Suhail.
Using QR codes, scammers can entice people into downloading malicious apps designed to steal data. Once a hacker gains access to a customer database, they can use this information to launch phishing scams under the guise of your business. This could damage your reputation as well as your bank balance.
So it’s worth investing in a security solution that will protect devices against malware, phishing attacks and other threats.
Keeping one step ahead of cyber-criminals can feel like a daunting task. But there are a few extra things you and your people can do to stay secure.
1. Talk to your team
If people aren’t aware of the threats, they won’t know how to spot them. Tell them about best practices for cyber security, such as changing passwords and protecting customer data. Explain how small things can lead to much bigger issues and to take every potential threat seriously. Your O2 Account Manager can provide useful information to help.
2. Follow a procedure
Draft a procedure – like an escalation process – that outlines what to do if you face a cyber attack. Like hovering over the link, calling the sender or checking the legitimacy of an email sent with a link for payment. Don’t shy away from recirculating the information every six months, not only when someone joins the business. Induction days can be overwhelming for new people and they may forget. Resending vital information to all employees will give you peace of mind that everyone’s up to date on how best to deal with any security incident.
3. Invest in cyber security
The quickest and easiest way to protect your business is to invest in your cyber security. And there are some simple and cost-effective security tools that cover the threats Suhail has highlighted.
We can help
It’s worth considering whether your business may be more vulnerable to a cyber attack if your people are working remotely. O2 can help you protect your business with advice on a wide range of security options.
We’re your one-stop-shop for all essential tech. We’ll give you a range devices, productivity and connectivity tools. And we’ll help to secure it all too. When you purchase a security product, like McAfee for Business, we’ll help you get it set up with our ‘Welcome to’ service. We’ll also give you access to dedicated O2 support whenever you need it.
Talk to our team today to find out what security solutions we can offer your business.
Or read more about McAfee for Business here.