However, other quantitative and qualitative evidence from the study suggests that the risk level is potentially higher than ever under COVID-19, and that businesses are finding it harder to administer cyber security measures during the pandemic. For example, fewer businesses are now deploying security monitoring tools (35%, vs. 40% last year) or undertaking any form of user monitoring (32% vs. 38%). Therefore, this reduction among businesses possibly suggests that they are simply less aware than before of the breaches and attacks their staff are facing.
VPN security flaw left big businesses at risk
Download Zip: https://9cunginngulne.blogspot.com/?vq=2vGT6u
Upgrading hardware, software and systems has also become more difficult. With staff working at home, there are more endpoints for organisations to keep track of. Fewer businesses (83%, vs. 88% in 2020) and charities (69% vs. 78%) report having up-to-date malware protection. Fewer businesses (78% vs. 83%) and charities (57% vs. 72%) have set up network firewalls. In large businesses in particular, having laptops with unsupported versions of Windows is a significant security risk (affecting 32% of large businesses).
The most common actions are around deploying security monitoring tools and undertaking risk assessments. By contrast, threat intelligence remains a relatively niche undertaking. These results are mostly consistent with previous years, although fewer businesses are carrying out security monitoring this year than in 2020 (down from 40% to 35%).
Businesses in the finance and insurance sector (26%), and information and communications sector (26%) are more likely than average (12%) to monitor immediate supplier risks. Finance and insurance businesses are also more likely than average to have reviewed their wider supply chains (18%). However, it is still a minority of the businesses in these sectors that do so, despite tending to have more sophisticated approaches to cyber security overall.
Over four in ten businesses (43%) and three in ten charities (29%) report being insured against cyber risks in some way. As Figure 4.4 shows, across all size bands, this is more likely to be through a broader insurance policy, rather than one that is cyber-specific. Specific policies are more prevalent among medium and large firms.
Wi-Fi is a convenience that many businesses use, but it poses a severe vulnerability because it immediately gives users access beyond the firewalls. If it is not password protected, it is accessible to anyone, including intruders looking for ways into networks. With wireless access points, network security is at risk because all devices with an internet connection can read traffic flowing in and out of the network. 2ff7e9595c
Comments