Most business travellers have poor cybersecurity
A survey from World Travel Protection found that less than a third of business travellers used two-factor authentication on work devices
Less than a quarter (24 per cent) of business travellers are obliged to install mandatory anti-virus software on their devices, according to a survey by Opinium commissioned by World Travel Protection.
This is despite most (85 per cent) of respondents stating that their organisations provide or mandate cybersecurity measures.
The survey of 501 UK business travellers who go abroad for work at least once per year – which was conducted between 23 January and 2 February 2023 – also found that less than a third (29 per cent) of respondents were required to ensure two-factor authentication was set up on all work devices.
Additionally, only one in five (22 per cent) of respondents have had training on how to improve their cybersecurity.
Other steps that travellers were required by their organisations to take when travelling included not using unsecured or public Wi-Fi hotspots (25 per cent); using a virtual private network (VPN) on mobile devices (16 per cent); and ensuring that the screen lock is enabled on their devices, and that the countdown for auto lock has not been extended (21 per cent).
Only 15 per cent of business travellers were required by their organisation to travel with a laptop stripped of all but essential files. Almost a sixth (12 per cent) were required to keep location sharing on so that their organisation can trace them in an emergency, while 11 per cent use biometric security features such as facial recognition or fingerprints. One in 10 use a different mobile phone while travelling.
Cybercrime poses a risk to businesses
This low level of interest in maintaining strong cybersecurity among business travellers could pose a problem for employers, given the growing threat that cybercrime poses – according to World Travel Protection, the number of malware attacks worldwide reached 5.5 billion in 2022.
Kate Fitzpatrick, Regional Security Director for Europe, the Middle East, and Africa (EMEA) at World Travel Protection said: “Cybercrime is a significant threat to organisations in the UK and business travellers are an easy target to exploit. They carry sensitive data and frequently use laptops and mobile devices in public places which may not be sufficiently protected.
“Business travellers should always keep in mind the risks to them or their company if information was stolen and act accordingly. For instance, if you’re travelling to a location where there’s a requirement to download a state-required app, always use a device which has had any proprietary information removed. Then once a traveller has returned, devices should be wiped and reset for the next trip,” she added.
Fitzpatrick concluded: “A cyber-attack can potentially crush a business long term, particularly if a data breach is involved and customers’ details are leaked or at threat of being leaked. Prioritising cyber secure measures to focus on risk mitigation should be uppermost in all organisations’ travel policies, particularly with insurers increasing premiums for cyber coverage as well as introducing more stringent warranties and conditions.”
Greg McAleer from Global Guardian explained how business travellers can minimise cybercrime risks in the October 2022 edition of ITIJ.