As October is coming to an end, so is the European Cyber Security Month (ECSM).
The ECSM is an annual campaign created by the EU to promote cyber security among its citizens and organizations. It aims to provide up-to-date online security information by raising awareness and sharing good online practices.
Every year, hundreds of activities take place across Europe during October, including conferences, workshops, training, webinars, and presentations to promote digital security.
The ECSM campaign is coordinated by the European Union Agency for Cyber Security (ENISA) and the European Commission with support from all EU member states, including hundreds of partners (such as governments, universities, professional associations and private sector businesses).
Due to the COVID pandemic, our digital resilience has been tested worldwide as more and more people have been pushed to conduct their everyday lives and work online. Our lives have shifted into the digital dimension so educating the online user has become more important than ever before.
The main objectives of the 2021 campaign were to ensure that end-users and organizations are well informed on the potential cybersecurity risks and that they stay safe online. The general intention is to help EU citizens develop a basic understanding of the different types of online security and privacy issues.
Since the first event in 2012, the European Cybersecurity Month has been reaching its key priorities by bringing together parties from across Europe to unite against cyber threats. Each year, the campaign aims to provide the knowledge and tools to promote safer use of the Internet for EU citizens.
So, to shed some light on the month that is now coming to an end, we’ve asked IST’s Privacy Manager, Maria Wellmert, what she thinks is important to be aware of as more and more employees work remotely, even after the pandemic. Maria said:
“The COVID pandemic has presented a lot of new challenges in its aftermath. Organizations will now, to a greater extent than ever before, have employees that will work from home on a regular basis, and with that comes an even bigger responsibility on the employer and the organization to oversee how and where their data is used.”Maria Wellmert, Privacy Manager at IST
“Not only is it important to care for the physical work environment when working from home, it is equally as important that employers address the technical challenges as well. There need to be policies and guidelines in place when people are working remotely in order to ensure that the data and information, they are dealing with is not compromised. These guidelines should include questions regarding how secure your private wi-fi is, for example is there a secure password, is the router updated with the latest firmware etc., but also contain instructions on what information the employee is allowed to work with when he/she is not in the office. If the information is classified (according to the organization’s information classification policy) she/he needs to be aware of how to do this in a secure manner, either by sitting in a secluded place at home or using an integrity screen filter.”
“Many organizations are now presenting flexible workplace policies where it will be possible for employees to work from their summer houses or even abroad. If this is the case, the organization’s compliance department needs to be involved from a data protection point of view. This means data flows of personal data will be changed and one needs to be very careful if this means working from a country outside of the EU.”