The Leading News & Information Service For The Facilities, Workplace & Built Environment Community

Is Cybersecurity a Home Working Health and Safety Issue?

Is Cybersecurity a Home Working Health and Safety Issue?
30 March 2021
 

Bureau Veritas is urging businesses who are remote working to prioritise cybersecurity as a health and safety risk.

As Britain looks set to embrace a long-term shift to remote working, Bureau Veritas, a provider of Testing, Inspection and Certification (TIC) services, wants cybersecurity culture to be improved across the board in businesses.

It comes as recent reports show hackers earned a record £28 million last year for reporting software flaws during the pandemic. Meanwhile, with more companies introducing hybrid models of working in which staff split their time between the office and home, cybersecurity is increasingly becoming a health and safety issue, with rising pressure on firms to create a “cyber-safe” working environment – whether that is in the home or the office.

As such, Bureau Veritas is encouraging businesses to mitigate this rising risk by ensuring all employees are trained and up to date on the latest best practices.

 

"One example is working from home during the pandemic, how many of us left our work laptops unattended and accessible while we were home-schooling or answered the door for packages?"

–Basilio Vieira

Lead Auditor, Bureau Veritas

 

Leaving Laptops Unattended

 

Basilio Vieira, Lead Auditor at Bureau Veritas, said: “The coronavirus pandemic has irreversibly changed the way we work. And with more of us set to split our working week between the home and the office, organisations need to respond to this ‘paradigm shift’ by treating information security as a health and safety risk.

“This means instilling a workplace culture which prioritises cybersecurity at all times so that employees take this seriously wherever they may be working. One example is working from home during the pandemic, how many of us left our work laptops unattended and accessible while we were home-schooling or answered the door for packages?

“Yet, we only need to look at the 2017 WannaCry attack on the NHS4, which cancelled 19,500 medical appointments, including operations and locked computers at 600 GP surgeries, to understand the huge implications for mechanical failure that weaknesses in the information security system on can have. But when we think about cybersecurity it’s more than just hackers – we’re talking about protecting confidentially, integrity and availability of data and IT systems and currently that’s paramount.”

 

ISO 27001 Certification

 

According to Bureau Veritas, businesses looking to create a robust system for handling information security risks should look to ISO 27001. A voluntary certification, it sets out best practice in terms of managing the security of assets such as financial information, intellectual property, and information entrusted by third parties.

Basilio continues: “It’s also worth considering that with most offices or work buildings now functioning off a central, protected network, such systems need to be monitored to detect actual or attempted cyber attacks and failures. As such, a standard like ISO 27001 will help firms complete a risk assessment and ask those all-important questions. What happens if the system is exposed? What’s the worst-case scenario planning?

“ISO 27001 is a comprehensive solution which provides a framework that is adaptable to any environment. Ultimately, it means you can reap the rewards of a more connected world while acknowledging and managing the risks associated with this.”

Picture: a graphic showing some code on a computer screen

Article written by Ella Tansley | Published 30 March 2021

Share



Related Articles

Security Everywhere – Cyber Security Essentials Q&A Part One

Learn more about the realities of cyber crime in this Q&A with cyber security expert Francis West. From Whatsapp fraud to investment scams, cyber crime has...

 Read Full Article
UK Data Centres Designated as Critical Infrastructure

UK data centres are now classed as critical national infrastructure, the same status associated with energy supply, water supply, transportation, health and...

 Read Full Article
Bureau Veritas Welcomes 3rd Amendment to 18th Edition, but says it ‘Sparks’ a Renewed Focus for Duty Holders

Martin Sampson from Bureau Veritas outlines the latest regulatory changes for FMs dealing with electrical installations on their premises. On 31 July 2024, the...

 Read Full Article
Worldwide IT Outage – What We Know So Far

A major IT outage caused major disruptions at airports, GP surgeries, and retail stores. Computer systems across the world crashed, experiencing the “Blue...

 Read Full Article
Reported Ransomware Incidents in UK Doubled in 2023

A Freedom of Information request has revealed that there was a resurgence in ransomware-related incidents following a quieter 2022.   In the first six months...

 Read Full Article
Cushman & Wakefield’s European Offices Awarded ISO 14001 Certification

All 28 of Cushman & Wakefield’s main corporate offices across 15 countries have completed ISO 14001 audits, demonstrating effective environmental...

 Read Full Article
Spotlight Interview – Francis West | Security Everywhere

Francis West is CEO of Security Everywhere, a company which helps SMEs to secure their money, data and reputation with managed security services. Francis is a trusted...

 Read Full Article
Studies Show Home Workers Suffer Higher Rates of Back Pain

An independent study of over a thousand workers shows that the rate of chronic sufferers of back pain is highest among those working from home full-time. Conducted by...

 Read Full Article
UK Government Introduces Day-One Right to Request Flexible Working

Millions of employees across the country are set to benefit from new legislation that means flexible working can be requested from the first day of employment. The...

 Read Full Article
Interserve Fined £4.4m for Failure to Keep Staff Details Secure

The UK’s IT security watchdog has fined Interserve for breaching data protection law and failing to prevent a cyber attack. The Information Commissioner’s...

 Read Full Article