The effect of COVID-19 and Government Lockdown has forced businesses to have employees working from home; many of these employees will not have done so regularly before. This may make businesses more vulnerable to cybersecurity issues. In this article, the MIA’s trusted intellectual property partner, Briffa, explains the practical steps businesses can take to limit the risk of cybercrime…
Businesses nee to consider the risks involved, especially in IT arrangements for remote working which may not be as secure; employees may be unfamiliar with the new IT arrangements for working from home; and employees judgment to scams and suspicious communications may be effected.
We have seen reports of increased cybercrime during the pandemic. Action Fraud (the UK’s National Fraud and Cyber Crime Reporting Centre) have reported a 400 per cent increase in coronavirus-related fraud reports in March. These figures relate to a variety of new scams, including:
- A wide range of phishing scams including:
- Emails purporting to be from HM Government asking for donations to the NHS during the COVID-19 outbreak
- Emails purporting to be from a research group that mimic the Centre for Disease Control and Prevention (CDC) and World Health Organisation (WHO), requesting donations
- Communications containing investment scheme and trading advice encouraging people to take advantage of the coronavirus downturn
- Malware, spyware and Trojans have been found embedded in interactive coronavirus maps and websites. Spam emails are also tricking users into clicking on links which download malware to their computers or mobile devices
- Online shopping scams for products which have never been delivered (e.g. protective face-masks, hand-sanitiser).
What practical steps can businesses take to limit the risk/effect of cybercrime?
The fundamental preliminary step which all businesses should take in order to prevent a cyber-attack, is to consider and develop a strategy to prevent cyber-attack and how to respond if affected. Key elements of any such strategy are likely to include:
- Understanding the cyber security risk in relation to the individual business and its critical business operations
- Integration across information assurance and personnel, technical and physical security arrangements
- Establishing protective monitoring to prevent and deter the ‘insider’ threat from an organisation’s own employees
- Accepting that some attacks will breach defences, and planning on that basis.
There are a number of practical measures which businesses should consider as part of any such strategy to help protect against risks of cybercrime and to mitigate against the impact of any breaches of IT security:
- Protocol for outward payments
- Encryption of all devices
- Back up key files
- Necessary updates
- Use work devices if possible
- BYOD (Bring Your Own Device)
- Paper documents
- Communication and training
When deciding how to proceed, businesses should consider both their short-term need and their longer term strategic interest to cyber security. A solution that works right now may not be best for those wishing to stay in the market long-term, and the need for an efficient stopgap needs to be balanced against the strategic benefits of negotiating a longer lasting solution.
Don’t forget that MIA members benefit from a free thirty minute consultation and special rates on all intellectual property and general commercial matters.
Briffa lawyers are experts in all aspects of contentious and non-contentious intellectual property law and practice. If you are starting a business and would like more information about ownership of IP or to know more about IP in general, please drop us an email or give us a call and we will be happy to arrange a free consultation with one of our specialist IP lawyers.
Contact firstname.lastname@example.org for the details if you’d like someone to ease your legal headache!