Half of firms worried remote working has increased cybersecurity threat, poll finds

Businesses urged to run regular security training as survey reveals one in 10 companies fell victim to a cyber attack last year

More than half of UK firms believe remote working has left them open to cyber attacks, a report has found.

The poll of 1,000 firms, carried out by the British Chambers of Commerce (BCC) and Cisco, said that the majority of firms believe they are now more exposed following the huge increase in the number of people working remotely since the start of the pandemic.

The research also found that one in 10 had been the victim of cyber attack in the last year, increasing to more than one in seven for firms with more than 50 employees.

Aine Rogers, head of small businesses at Cisco UK & Ireland, said remote working was more exposed to security threats than ever before. “Organisations are no longer just protecting an ‘office’ but a workforce.

“As businesses and individuals, we’re more exposed than ever to security threats. Whether it’s fraudulent SMS campaigns posing to be a delivery company, or hacking your home network, criminals in the cyber world are cunning,” she said.

Rogers said businesses needed to change their thinking around cybersecurity to focus on securing employees and what they are doing, and not to focus on where they are.

Get more HR and employment law news like this delivered straight to your inbox every day – sign up to People Management’s PM Daily newsletter

This was echoed by Martin Tiplady, managing director of Chameleon People Solutions. “In an increasingly dangerous cyber climate, employers would be advised to check their systems and their security amid a new and unprecedented set of risks in a hybrid and virtual world,” he said.

“This is not just about unwitting employee risk-taking, but the security of what they are using,” said Tiplady.

Hayfa Mohdzaini, senior research adviser at the CIPD, recommended employers run regular cyber training for remote workers to reduce the chances of a successful attack. “In particular this should focus on how to spot phishing scams, which are becoming increasingly common,” she said.

“Crucially, HR teams should also be working with their IT counterparts and line managers to look at improvements in job design and system and procedures that can help to further reduce the risk of a breach,” said Mohdzaini.

Shevaun Haviland, director of the BCC, added that it was “not surprising that many firms were caught out” by the implications that the shift to remote working had on their cybersecurity arrangements.

“All of the BCC’s research indicates that a shift to a more hybrid way of working, with many staff now splitting their time between the office and home, is here to stay, so it is more vital than ever that firms have the right protections in place,” she said.