Most companies aren’t protecting their travelling employees from cybercrime
US and Canadian business travellers are at an increased risk due to lack of protection provided by their employer
A new survey of North American business travellers, commissioned by World Travel Protection, has found that companies may not be doing enough to prevent their employees being the target of cyberattacks.
The Opinium survey reveals that only about a third of companies require their travellers to adopt basic cybersecurity measures, such as:
- Ensuring two-way authentication on devices – US, 36 per cent; Canada, 36 per cent
- Using a VPN – US, 30 per cent; Canada, 32 per cent
- Having antivirus software installed on devices when travelling – US, 32 per cent; Canada, 32 per cent.
Only a quarter of respondents say their companies have asked them to take a training course on how to improve cybersecurity (US – 28 per cent; Canada – 24 per cent).
Additionally, less than a third of business travellers say they are asked by their company to avoid unsecured wi-fi networks (US – 32 per cent; Canada – 28 per cent); use a laptop screen protector while working in public (US – 28 per cent; Canada – 20 per cent); or ensure their laptop is stripped of all but essential files for the trip (US – 20 per cent; Canada – 14 per cent).
One in 10 say their organisation hasn’t asked them to take any cybersecurity measures at all (US – eight per cent; Canada – 10 per cent).
Problems with no protection
Frank Harrison, Regional Security Director Americas, World Travel Protection, said: “This data is alarming, as cybercrime presents a large and growing risk to companies, threatening to disrupt their operations, tarnish their reputation, and expose them to legal action if they fail to safeguard data.”
He also noted that the number of malware attacks worldwide reached 5.5 billion in 2022 and continues to grow, adding that business travellers are an easy target to exploit, as they often carry sensitive company information and frequently use laptops and mobile devices in busy public places such as airports. Mobile devices are prime targets for an attack, and business travellers should be particularly wary if they lose their devices.
“Threat actors now have the capabilities to identify and target mobile devices, deliver malicious code to the device, access a device to track your location, activate your device’s microphone, and intercept messages,” Harrison added. “Adopting cyber-secure measures that focus on risk mitigation is essential for all organisations’ travel policies to protect travellers and their data.”
He suggested companies improve their cyber hygiene by:
- Keeping device software updated
- Using antivirus software with a VPN component
- Requiring strong app and online account passwords – preferably biometric with two-factor authentication enabled.
Harrison finally recommended utilising secure mobile wi-fi hotspots, rather than public wi-fi, for internet access in public or unknown areas.