Work-From-Home Can Deliver Big Cyber Risks for Small Businesses

August 19, 2019

Remote employees place businesses at risk, yet many small business owners are not properly mitigating potential cyberthreats, nor are they adequately protecting their employee platforms, a new report says.

As work-life and technology continue to evolve, a growing number of small business owners find themselves adopting remote work policies or “WFH” perks. However, their employees, who use company platforms in locations such as coffee shops and airports, are more susceptible to the risk of an online attack.

According to Nationwide’s fifth annual Business Owner Survey, 83% of small business owners allow employees the option to work securely from a remote location when needed. With young business owners (those ranging from ages 18-34), this number jumps to 95 percent. Yet, only 50% of small business owners have updated their remote work security policy in the past year. Failing to continually revise remote work policies in the digital workplace could put those business owners at higher risk of a cyberattack, the insurer says.

The survey found that one in five small business owners have not committed their employees to formal cybersecurity training.

Only 4% of business owners have implemented all of the cybersecurity best practices and recommendations from the U.S. Small Business Administration cited below.

“What may seem like a harmless public Wi-Fi network could ultimately pose serious troubles for a business,” says Catherine Rudow, vice president of cyber insurance at Nationwide. “Many employees may not realize the magnitude of risk associated with a cyberattack as they may not have engaged in a formal training process. The scary truth is that many small business owners, even if they are aware of these risks, have not implemented all the proper measures of protection.”

Nationwide’s Business Owner Survey also found:

  • 65% of business owners admit they have been victim of a cyberattack; computer virus attacks are the top type of attack reported at 33%, phishing is number two at 29%.
  • 86% of business owners believe that digital risk will continue to grow. 30% of companies with 11-50 employees do not provide any type of formal training on cybersecurity.
  • Despite the simplicity of regularly updating software, 7% of companies still fail to take that step. Reputational risk is among the top reasons (45%) why business owners would consider investing in or purchasing a cybersecurity policy.
  • 35% of business owners who have never experienced a cyberattack are unaware of the financial cost to recover, highlighting a dangerous gap in knowledge from the implications.

Best Practices The U.S. Small Business Administration recommends the following best practices:

  • Establish security practices and policies to protect sensitive information
  • Educate employees about cyber threats and hold them accountable
  • Require employees to use strong passwords and to change them often
  • Employ best practices on payment cards
  • Make backup copies of important business data and information
  • Create a mobile device action plan
  • Protect all pages on public-facing websites, not just the checkout and signup pages

Nationwide commissioned Edelman Intelligence to conduct an online survey between June 6-12, 2019, among a sample of 400 U.S. small business owners with between 11-500 employees.

Topics USA Cyber Commercial Lines Business Insurance Training Development Small Business

Was this article valuable?

Here are more articles you may enjoy.

From This Issue

Insurance Journal West August 19, 2019
August 19, 2019
Insurance Journal West Magazine

101 Sales, Marketing & Agency Management Ideas; Market: High Net Worth, Intellectual Property; Corporate Profiles – Fall Edition