Firms could face increased ransomware risk over the festive season

Businesses could be at greater risk of data security issues during the holiday season partly as a result of workers using company-owned devices for personal use.

Research from cloud security specialist Menlo Security found that there are now more threats to corporate devices and networks than ever as hybrid work models blur the boundaries between work and home. More than half of UK respondents (53%) reported performing non-work-related tasks – such as online shopping – on company devices. 63% are doing more online holiday shopping in 2021 compared to previous years, with nearly half of respondents stating that they had been shopping for gifts this holiday season on a work-issued device such as a laptop or mobile phone.

Workers are also noticing a rise in cyber threats this holiday season, with 48% of UK respondents observing an increase in scams and fraudulent messages. Menlo’s research – which surveyed 2,000 employed people in the US and UK – found that while employees are concerned about threats and are taking some measures to mitigate them, they often have false confidence in their security posture. 65% believe they are secure from cyberthreats if they are using a company device.

Mark Guntrip, senior director of cybersecurity strategy at Menlo Security, said: “Workers are becoming increasingly aware of the threats that loom while browsing the web. However, they have a false sense of security about the level of protection they have when using corporate devices. As a result, they are unintentionally exposing their corporate networks to a slew of vulnerabilities.”

“More employees are using company-issued devices for not only work, but also personal tasks like shopping and banking, which is putting entire networks at risk of being breached. To mitigate this risky behaviour, organizations must make it a priority to adopt a Zero Trust security approach to prevent cyberattacks before they happen and ensure that they’re protected if they do fall victim to bad actors.”

    Share Story:


Cyber risk in the transportation industry
The connected nature of the transport and logistics industries makes them an attractive target for hackers, with potentially disruptive and costly consequences. Between June 2020 and June 2021, the transportation industry saw an 186% increase in weekly ransomware attacks. At the same time, regulations and cyber security standards are lacking – creating weak postures across the board. This podcast explores the key risks. Published April 2022.

Political risk: A fresh perspective
CIR’s editor, Deborah Ritchie speaks with head of PCS at Verisk, Tom Johansmeyer about the confluence of political, nat cat and pandemic risks in a world that is becoming an increasingly risky place in which to do business. Published February 2022.