As we enter a second year of everyone working primarily from home, many companies are focusing on updating their systems and software to ensure sufficient cybersecurity when working from home.


We take a look at the biggest security threats your company could face this year and provide some top tips on how to protect your business from them.

Cybersecurity when working from home: the biggest threats this year

There are many cybersecurity risks of working from home. How well do you understand the online threats facing your business?

UK businesses lost over £6.2 million to cyber scams in 2020, with a 31% increase during the height of the pandemic (May – June).

Knowing how to maintain security when employees work remotely is key to protecting your business. Make sure employees have access to an up-to-date remote working security policy so they are familiar with the latest advice.

Social engineering attacks

One of the newest security issues with working remotely is social engineering attacks use human emotions such as fear, greed, curiosity, helplessness and urgency to commit a cybercrime.

  • Examples of social engineering crimes include:
  • An attacker pretending to be a fellow employee to ask for sensitive data
  • Receiving a voicemail that states you’re under investigation for tax fraud
  •  An offer that asks you to transfer a small amount of money to see it grow into a huge sum
  • Using national news or events to trick people, for example, an insecure link to book your covid-19 vaccine
  • A request from an online shopping website asking you to urgently confirm your debit card details

Cybersecurity measures such as regular employee training on how to spot social engineering attacks are essential to protect both your employees and business.


Phishing is one of the biggest threats to cybersecurity when working from home.

Hackers use a false identity to trick people into providing confidential information, visiting a site that contains malicious malware or downloading malware via attachments or links.

Electronic communication is at an all-time high due to the rise in homeworking which makes phishing attacks extremely common, especially in email.

Protect your sensitive data by making sure employees are aware of the signs of phishing scams such as:

  • A misspelt domain name
  • Poorly written content
  • Suspicious attachments or links
  •  A sense of urgency

Cybersecurity for remote workers should include regular training and sending out some posters for employees to refer to.

PDF scams

PDF scams are designed to get you to open an attachment that contains malware, phishing links or ransomware.

These particular cyber-attacks are becoming increasingly common because the increase of home working has resulted in more PDF attachments being shared via email, making them worryingly convincing.

Your company can protect itself from these types of attacks by training employees how to spot unusual email addresses, headings and names.

Remember to keep your systems and software up-to-date with the required security patches and run anti-malware software to help combat cybersecurity in 2021.

Malware and ransomware

Hijacked software and lost data are just a few of the problems companies face with a malware or ransomware attack.

Viruses, Worms and Trojans are all types of malware that employees need to recognise and understand.

Regularly updating your employees’ computer software and hardware is important to protect against these types of cyber-attacks. Old software poses a security risk and can also lead to a malware or ransomware attack.


Database exposure

Companies are moving more and more information to the cloud, including entire databases of sensitive information.

A database exposure attack exposes information to hacking or theft. Hackers gain access to databases by stealing login credentials or using malware to gain it.

Database exposure is particularly dangerous to businesses as the stolen data usually includes names, email address, addresses and birth dates.

By making sure you have a database firewall and web application firewall you can protect your server and hardware containing sensitive information. Other methods of database exposure prevention include keeping access to the server limited, encrypting data on the server and backing it up regularly.

Accidental sharing

Accidental sharing is the result of human error rather than malware or cybercriminals. Personal and business data are forms of accidental sharing via emails, messaging apps or social media platforms.  

Whilst companies can’t prevent human mistakes, there are certain ways to reduce the risks of remote working and accidental sharing such as limiting the number of employees who have access to sensitive data and implementing user activity monitoring software.

Helping you to protect your IT systems

Cybersecurity when working from home has never been more critical. Partnering with an experienced IT support company like CBS IT will ensure your company has an effective security solution in place to mitigate the risk of cyber threats in 2021. Call us today to book your free IT consultation. For the latest working from home, cybersecurity tips visit our blog.