Financial services firms were hit hard over the past year, with 70% experiencing a successful cyber-attack and most of these blaming COVID-related conditions for the incident, according to Keeper Security.
The password security firm commissioned the Ponemon Institute to poll over 370 UK IT security leaders in the sector, as part of a larger global study.
It revealed that the rapid shift to remote working forced on businesses during the pandemic provided threat actors with an opportunity to target remote workers.
Over half (57%) of respondents argued that cyber-attacks are increasing in severity as a result of work-from-home (WFH) and 41% argued that remote workers are putting the business at risk of a major data breach.
Respondents were most concerned about a lack of physical security wherever their employees are remote working from (48%) and their devices becoming infected with malware (34%). This matters in the UK especially as it boasts more privileged users than any other country: 31% of remote workers have access to critical, sensitive and proprietary information.
Trend Micro research last year revealed that home workers often engage in more risky behavior than when they’re at the office. When combined with the surge in COVID-19 phishing emails and devices that may be shared with other users in the same household and/or less well protected than corporate equivalents, it adds up to a potential perfect storm of risk.
Insufficient budget and lack of know-how on combatting cyber-attacks were flagged by respondents as the biggest IT security challenges with remote working.
They were most concerned about the threat to customer records (50%) and financial information (48%). IT security managers right to be worried, given the potential regulatory and reputational impact of a breach.
According to Keeper Security CEO, Darren Guccione, things are particularly precarious given the double whammy of the pandemic and Brexit, which saw UK banks lose their crucial “passporting” rights.
“The adjustments to life as we know it due to COVID-19, and the limitations set to be imposed by Brexit, have seen businesses struggle adopt essential operational requirements to stay afloat,” he argued.
“Without rigorous security in place, financial institutions across the UK jeopardise their future. It only takes one cyber-attack to destroy the reputation of the entire business.”