Cyber security risks in the workplace

Share on Social

Cyber threats are constantly evolving, which means that your cyber security strategy should also evolve to stay ahead of the challenge.

The modern workplace must have policies and security measures in place that can help the business to reduce its exposure to cyber threats.

Digital threats vary, which means there is no one-size-fits-all solution which can protect your business from a data breach.

We outline how to protect your business from cyber security risks in the workplace below.

Bring your own device (BYOD) policies

Digital transformation has meant that it is becoming more and more common for employees to bring their own personal devices (laptops, phones, tablets etc) to the workplace.

If a personal device is then used to carry out work tasks it could compromise sensitive business information if it is ever lost, stolen or hacked.

How to protect your business:

Make sure your business has a BYOD policy in place – this will help your management team to establish rules and procedures for bringing personal devices into the office. It will also help to reduce the level of risk that personal devices pose to the company network.

It may also be worthwhile for your business to set a privilege policy, which will limit employee access to areas of the network. Your employees should only have access to networks and drives that are necessary for them to perform their jobs.


This type of cyber attack can be extremely damaging to businesses of all sizes, and there is no sign of it disappearing in 2020.

Ransomware hackers lock their victims’ network defences, encrypt their data and display a message demanding a ransom for its restoration.

These payment demands are usually requested in untraceable Bitcoin and paying the ransom doesn’t guarantee your access will be restored.

How to protect your business:

Make sure your employees are educated about the risks of ransomware attacks.

Learning about this type of cyber attack could help your employees to spot and avoid phishing attempts.


Malware (a form of ransomware) is mostly spread via email. In most cases a malicious message or attachment will be sent to the victim’s contacts; these emails vary and while some of them can be spotted easily, in many cases they look legitimate.

How to protect your business:

Make sure your business is using an anti-virus software which can scan email attachments and their links before they’re opened, which will help your business to reduce the risk of getting caught out by a suspicious email.

Employees should always refrain from opening potentially dangerous attachments or clicking on links provided via emails.

Letting cyber security basics slide

In recent years we have all heard of major cyber security incidents caused by businesses and public sector organisations failing to cover the cyber security basics.

Hackers will take advantage of common vulnerabilities and from there hack into organisations and their systems, very easily.

According to the National Audit Office, one of the main factors which led to the success of the notorious WannaCry attack in May 2017 in the UK was the NHS’s “failure to patch and update systems and reliance on old software”. The WannaCry cyber attack cost the NHS £92m and 19,000 appointments were cancelled.

How to protect your business:

Officially backed by the UK Government, Cyber Essentials is a great solution for businesses looking to improve their cyber security settings and standing. By implementing five simple key controls, you can protect your business from up to 80% of common cyber security threats.

Find out more about our packages and get started with your Cyber Essentials certification.