‘Tis the season to… watch out for data breaches

3 min read

As we approach the festive season, the risk of serious cyber security breaches increase. Our experts explain how public sector teams can take a number of practical actions to ensure they stay safe while working online this Christmas.

1- Firstly, why is the festive period a risky time for cyber attacks?

Let’s start with online shopping, something most of us now do. Research by the National Fraud Intelligence Bureau shows that over last year's Christmas shopping period (Nov 2019 – Jan 2020) there were 17,405 reports of online fraud, reporting a loss of £13.5m.

With national and local lockdowns forcing much of the retail sector to close physical stores, online shopping has skyrocketed this year, meaning there is all the more opportunity for cyber criminals to attack. It also significantly increases the risk of human error, when it comes to safeguarding sensitive data.

The festive season can also be an opportune moment for phishing scams that target shoppers checking emails and messages for delivery updates and deals. Fake charity scams also take advantage of our holiday generosity. That’s why it’s important to stay vigilant.

2- What challenges does this time of year bring when it comes to cyber security in the public sector workplace?

Now let’s look at the working environment. 2020 was the year that office workers, including many public sector teams, embraced home working. It was a huge change, and one lots of us are still getting used to.

Some employees may still not be aware of the risks of using free Wi-Fi at locations such as coffee shops and bars, despite these being insecure and open to communication interception by cyber criminals. This can once again, put sensitive data at increased risk. The National Cyber Security Centre has provided some essential guidance and advice for secure home working.

Add to this, the widespread practice of employees emailing documents to their private email on their own devices, where security is invariably lower, and you’ve inadvertently opened your organisation to potential attacks.

3- Are there any other contributing factors that increase the risk of insecure outbound email comms over the festive period?

People may be more easily distracted as the holidays approach. They are shopping, making plans with family and friends (albeit, virtually this year) and are not necessarily following usual best practices for data security. This can increase the likelihood of a person accidentally emailing the wrong file, or sensitive data going to the wrong individual, and become a costly data leak. IT and security staff may also be operating at reduced capacity, as people take the remainder of their annual leave before the year ends.

Now is a great time for team managers to remind staff of good practices for cyber security hygiene and refresh their memories of the most important dos and don’ts.

4- Many local authorities across the UK have already stated that it is unlikely their full teams will return to the office, even once the pandemic has passed. When it comes to secure comms, what do they need to think about long term?

2020 was crisis mode – we had to react quickly to a situation dramatically unfolding around us. Local authorities IT departments had to quickly adapt at the start of the pandemic to better support a distributed workforce.

In September this year, Gartner released an update of its Market Guide for Email Security, which stated that “Dramatic increases in the volume and success of phishing attacks and migration to cloud email requires a re-evaluation of email security controls and processes.”

Now that it’s clear more people will continue to work remotely in the long term, now is the time for security leaders to focus more of their efforts on email data protection. Many organisations concentrate security efforts on preventing cyber attacks, which account for only a fraction of the data breaches overall. Now more than ever, with the new working landscape, the focus needs to shift to email data protection.

Really improving email data security means helping your employees catch mistakes before they hit send. For this you need solutions that help people select the correct content, for the right recipient and with the appropriate security measures, every time.

Local government teams are the frontline when it comes to safeguarding citizen data and complying with regulatory requirements. That’s why it’s so important to give them digital tools that are easy-to-use and require little training, whether they are working remotely over the festive period, and beyond.

Safeguarding digital communications such as emails, chats and file transfers can help ensure that information can be easily exchanged from anywhere.

Find out more about how error prevention technology is enabling local government teams to catch mistakes in their communications before hitting send, avoiding potential data leaks.

Written by

Kate O'Neill

Originally published on December 23, 2020

Last update on December 23, 2020