In this emergency phase, technology has proved indispensable for business continuity and at a time when many companies are more dependent on their good functioning, cyberattacks have multiplied, laying bare the fragility of systems and networks that are not adequately protected.
These days the egregious news of the hacker attack on the EMA, but only in recent days there have been many companies, including Italian ones, that have suffered violations. And the figure is growing significantly. In fact, a recent survey* noted that in Italy in recent months, which coincide with lockdown and related ‘work at home’, cyberattacks have increased by 250%.
In addition, according to the latest estimates of Clusit, the Italian Association for CyberSecurity, in the first half of 2020 there were 850 serious cyberattacks on a global scale (almost 5 per day!). According to the report, most attacks, 61% are related to phishing campaigns, or computer scams via email, in association with malware (21%), that is, malicious software. 64% of the victims fall into the “multiple targets” category, these are structured attacks to harm as many people and organizations as possible. It also emerges that 11% of attacks are related to the healthcare world and 12% have targeted government targets.
“But the risks come not only from outside – explains Rita Santaniello, partner at Rödl & Partner, lawyer expert in labour law and data protection – but, very often, from the inside, from the use of tools, such as laptops and smartphones, not adequately aware and informed by workers. These fragilities are taken advantage not only by hackers but also by unfair competitors, to take over company information and know-how, putting both sides of the employment relationship at risk: the employer and his assets, on the one hand, the workers, their personal sphere and their personal data, on the other.“
Appropriate protective measures must therefore be put in place, adapted to the new forms and the changed working environment, taking into account not only the purely computer risks but also the physical risks, particularly when it comes to private housing, which is often inadequate and lacking the most basic security measures.
“In this scenario, training plays a key role in accident prevention,” explains Dr . Santaniello – Workers must first be trained and made responsible for the use of IT tools, risks and preventive measures. Surely the best way to prevent these risks is first and foremost to equip workers with tools that already contain greater safety guarantees than the employee’s “private” ones. In fact, the policy of the so-called BYOD (Bring Your Own Device) exposes the company to greater risks.”