Firms Must Commit to Employees' Wellbeing to Boost Cybersecurity

Regardless of a company’s product or service, nothing comes close to employees as the organization’s most valuable asset in bringing in revenue. In the same breath, it’s also the employees that are the perennial apple of the eyes of cybercriminals to help them bring home the bacon. Exploiting human weaknesses like inattention, ignorance or negligence has proved to be easier and cheaper than trying to fool sophisticated protection software.


Regardless of a company’s product or service, nothing comes close to employees as the organization’s most valuable asset in bringing in revenue. In the same breath, it’s also the employees that are the perennial apple of the eyes of cybercriminals to help them bring home the bacon. Exploiting human weaknesses like inattention, ignorance or negligence has proved to be easier and cheaper than trying to fool sophisticated protection software. 

Company size and industry doesn’t even matter—cyber attacks are usually productive leaving business owners hurting with losses. To manage the damaging effects of a single data breach, a small to medium business (SMB) spends an average of $101,000 (5.050 million pesos) while an enterprise company shells out a whopping $1.057 million (52.850 million pesos), according to the most up to date Kaspersky data.

“Historically, the human factor has been the organization’s weakest link in any cybersecurity incident. And regardless of how advanced your security technology is—just one careless or clueless move by an employee will put the whole organization at risk. But today’s working environment as impacted by COVID-19 may potentially up the ante as far as cybersecurity risks are concerned,” said Mary Grace Sotayco, Kaspersky territory manager for the Philippines.

According to the cybersecurity company, working remotely means companies have less control over IT security such as in situations when employees are not issued corporate devices. In the Philippines, the bring-your-own device (BYOD) approach is pervasive within the small and medium sector due to cost issues. 

With the pandemic, Kaspersky said it’s business as usual for cybercriminals who are also working from home. These nefarious groups have been active since the second quarter of this year as brute-force attacks on database servers were monitored to have increased by 23%, malicious files planted on websites were up by 8%, and network attacks and phishing rose.  

But a bigger threat to any businesses during this period is not the lack or insufficient technical cybersecurity know-how of its employees but their wellbeing. 

A recent survey on the mental health of remotely working Filipino employees during quarantine revealed that adjusting to the new normal and isolation are leaving employees stressed, anxious, and depressed. 

The cybersecurity company said despite being considered the weakest link, businesses can start looking at their employees as their first line of defense instead to bolster their defenses. Kaspersky says it’s possible for business owners to achieve this by prioritizing their employees’s wellbeing immediately.  

“We have always advocated for businesses to provide technical support to their entire organization. But we’re currently in a different situation and the logical step forward is to ensure that work-from-home teams are not only supported in their technical knowledge on security but are also assisted in terms of their wellbeing. When employees remain calm and collected, work-related human error is significantly minimized. We strongly recommend organizations to pay extra attention to their staff’s mental health to boost their team’s resilience at this time,” added Sotayco. 

While breaches are unavoidable, its impacts can be kept to a minimum. Kaspersky offers the following tips for businesses during these times:

1. Keep communication lines open, communicate more and sincerely. 

Your people will need and appreciate your transparency. In case a crisis strikes, make sure they get information first from you than from external sources. 

2. Provide employees with an emergency preparedness plan early on

This will empower the people and will help lessen their possible panic and stress over the incident. A recent Kaspersky report revealed that almost half of employees don’t know how to respond to ransomware attacks. Another study from the cybersecurity company revealed nearly three-quarters (73%) of workers say they have not had any additional IT security awareness training after they switched to working from home full-time.

3. Equip WFH employees with protection solutions for their devices. 

In the Philippines, Kaspersky has an ongoing limited offer for enterprises which will allow their employees to have internet protection software at discounted pricing. Most SMBs would benefit from this since the BYOD practice has been worrisome for 48% of businesses because they acknowledge that devices are shared for personal and work use. This is a particular concern for 57% of small businesses. 

In a study conducted by Kaspersky in April 2020, it showed that only a third (32%) of businesses have provided their employees with antivirus software to use on personal devices for work purposes since the transition began. While 86% of respondents say they have antivirus software installed on their personal computers, there is now more responsibility on employers to offer the right protection solutions. 

Additionally, just half (53%) of workers say they are using a VPN to access their employer’s network when working from home. This could potentially be leaving corporate information and files vulnerable to cyberattacks, or accessible to people outside of the business. 

4. Put in place a good workload management. 

Against the backdrop of this global crisis, most employees these days identify burnout as their biggest stressor, according to professional feedback platform blind. The study cited the following reasons as reasons for burnout: no separation between work (27%), unmanageable workload (20.5%) and job security concerns (19%). 

5. Provide psychological and social support. 

When your staff feel they’re being supported enough by the company, this validates their contributions and their performance is enhanced. In an article by the World Health Organization, Switzerland-based neurologist Dr. Konstantinos Petsanis says that stress behavior in general brings a lot of problems. He affirms that if mental health needs are addressed as soon as possible, there will be fewer work-related errors and issues and there will be less stress and panic among the staff.


How to trade in online games safely

We present four rules of safe trading for gamers who earn money from in-game trades.


Many gamers have turned in-game item trading into a robust source of income. Some sell items that they cannot use for their character class. Others are just looking to unload the wealth that they have acquired before quitting the game altogether.
Unfortunately, there are also scammers in the gaming community who use cunning schemes to leave honest gamers high and dry. You should keep in mind that some publishers, including Valve, have refused to return items to players that they voluntarily gave up to scammers.
Gamers must be prepared to look after their property themselves. In this article, we tell you how to preserve the fruits of your hard grind, avoid common fraudulent schemes, and not bring down the banhammer.

Play by the rules
To begin with, not all developers allow users to exchange in-game items, much less sell them for real money. So before looking for a buyer for your Golden AK-47 or purchasing the Sword of a Thousand Truths, you should check whether doing so will get your account blocked.
For example, the developers of the MMORPG RuneScape prohibit the sale of both accounts and items for real money. There are several reasons for that, ranging from the legal (the game and the items in it are the property of the publisher) to security issues (accounts and items offered for sale are often stolen or obtained by dishonest means).
If you are caught in a prohibited transaction, you will be banned regardless of whether you are the seller or buyer; either way, you broke the rules. The chance that an item you paid real money for will be confiscated is also quite high: To the game administrators, this kind of transaction looks very suspicious, and it leaves you with no in-game proof of payment.
At the same time, trading armor, weapons, and other things inside the game as part of a general auction is usually not forbidden.

Let the buyer beware …
The second important rule is to trust your intuition and steer clear of trades that seem too attractive. Just like in real life, cyberfraudsters will try to win over your trust, and they will promise you incredible discounts to persuade you to part with your money or reveal your password.
There are several signs that should make you wary. Red flags include the seller rushing your decision, pressuring you into the transaction, or suddenly offering to move the discussion outside the official platform. Even if it’s a friend writing to you, beware: Scammers could have hacked their account or be using a character with the same name as your longtime buddy, but with a barely noticeable dot at the end.
Pay attention to the exchange window to make sure that the promised hundred thousand gold coins don’t become [Boar Tusk x 1] at the very last moment. And in general, be careful to check that you are being offered the exact item you want to buy and not just a similar one. And that the item is for the right game.
Some scammers have published items for their own games on Steam that looked exactly like way more valuable items for way more popular games. For example, some shady dude managed to sell a fake Dragonclaw Hook from Dota 2. The fake was a perfect copy of the original: same look, same name. The scammers even copied the description and logo of Dota 2.
The only problem with the fake was that it had nothing to do with Dota. The item could be used only in some game called Climber, which was later removed from Steam.
After several similar cases, the platform moderators began to pay closer attention to which game an item belonged, but it’s still a good idea to exercise due diligence and check everything in advance.

… but also be a smart seller
Scammers are looking to deceive not just buyers, but also the owners of valuable items. If another player asks you to “confirm the quality” of items by sending them, or promises to make a copy of an item, or simply asks to take your item for a test drive, then most likely they are trying to rob you. If someone offers game keys in exchange for an expensive item, you should also be on your guard; they’re probably stolen.
Game stores do not recommend selling items in exchange for real money using third-party payment services such as PayPal. However, if you still want to go through with a transaction, first make sure that the buyer can be trusted. Do you have even the slightest suspicion that they are trying to pull a dirty trick? Then call off the deal. Even if you have agreed on advance payment, a fraudster can retroactively cancel a transaction by complaining to the payment system’s support service, in which case you will be left both without the item, and your money.

Beware of third-party software
Sometimes, while negotiating a deal, a scammer will try to persuade you to install TeamViewer or, say, a voice-chat application. They say it’s to check that the product really belongs to you, or because it’s a more convenient way to communicate. The reason is just an excuse; in reality, the scammer wants to take control of your computer or infect your machine with malware. Refuse that request.

Tips to remember
Whether you are the buyer or the seller, protect your computer and account properly. If you get hacked, scammers will quickly monetize everything of value on it.
•    Do not use the same password for online games that you use for other services;
•    Do not click on any links to external sites from the game chat, and carefully check the address of any resource that requests you enter your username and password; the page may be fake;
•    Never disable your computer's protection. Contrary to popular myth, certain antivirus packages will not interfere with your game’s performance. Rather, when you let them run, they will detect and block threats.

Your child is ready for online learning --- How about you?

Here are 5 Things You Need to Know First


As schools turn to cyberspace to make remote teaching possible, parents are suddenly forced to embrace distance learning and assume added responsibilities with their child’s schooling.

For the overwhelmed parent, it can be tempting to just hand a computer to a child and shove them into the online world on their own and expect them to thrive.

Just like in the physical world though, the cyberspace is filled with as many opportunities as there are threats. Kids being kids, they cannot yet be expected to distinguish between good and bad. So the onus is on the parents to step up to make it work right.

Here are five things that parents need to know to prepare themselves as they weave family life into their child’s home learning with online safety in mind:

1. Communicate

The Internet can be compared to a huge, limitless library, where information just seems to be endless. This means that online learning can be a breeze because everything is at our fingertips. While it can be beneficial for a child, the Internet can have hidden pitfalls that can only be avoided with early, frequent and proper communication between parents and children 

In Kaspersky’s most recent survey, it was revealed that the majority of parents (58%) have spent less than 30 minutes talking to their children about online safety throughout their kids’ childhood.

As parents of today’s digital kids, you can do more. Laying down clear-cut rules and discussing these with your child in the beginning is a good start. Have a heart-to-heart talk with your kids to explain the family guidelines on behaving online and engaging in online activities such as signing up on websites, sites, making online purchases, downloading music or video files, or joining chat or messaging rooms. 

According to Kaspersky Security Network data from January 2020 to May 2020, Filipino children users of devices installed with Kaspersky solutions have been engaging in buying and selling of items online which peaked in April 2020 at 6.04% during the pandemic period from only 3.42% in January 2020. In the same period, Fiipino kids were also seen to have been downloading a bit more software, audio and video content from 32.67% in January 2020 to 38.7% in March 2020.

Such activities pose security risks if children are not made aware of possible dangerous outcomes --- confidential login details or financial data used in online shopping may be used fraudulently. Children may also unknowingly download materials from torrent sites which may come with free malware that can wreak havoc on one’s device.

2. Surf together

One of the key findings in Kaspersky’s survey showed that 50% of parents manually check their children’s devices to look through browsing history, after use. Parents may think that doing so is alright but children may feel otherwise.

Building mutual trust is possible when parents spend time online with their children, particularly during online learning sessions. This is important as parents teach their kids how to explore the Internet safely and how to use this platform for studying online and socializing with friends, classmates, and teachers.

It’s also advisable to keep the devices out in the open, placed in communal spaces around the house to help parents stay on top of any potential issues. Doing so also prompts children to self-check because of an adult’s presence within the space.

3. Limit online time

The Web is so named because it's like a web. Or a maze. And anyone can get lost in it. Kids can get distracted from schoolwork or they can have extended screen time past their school hours at home. They can be endlessly glued on to their devices if they are unmonitored.

Set boundaries by scheduling their time on their screen and going offline. One good way is to set off the alarm to alert you and your child.

Kaspersky’s survey results show that a quarter (26%) of children experienced being addicted to the internet. This has often led to kids clamming up emotionally and socially, displaying irritability or signs of depression when not online. Other children even sacrifice sleep to spend an extra hour online.

Setting boundaries will help keep your child from spending too much time playing games or watching videos rather than studying. Besides needing boundaries, kids thrive better with a good balance of activities to enjoy a healthy childhood despite this pandemic situation.

4. Debrief daily

Oftentimes, search results for study purposes don't exactly lead to the kind of information one is looking for. A child might make an innocent search for a school topic but may find mature content intended for adults.

Children seeing harmful content online (27%) is the top online threat that families have reported experiencing, based on a Kaspersky survey released in Q4 of 2019. Among the dangerous things that kids encounter on social media are sexting and cyberbullying. In a previous international survey from Global Kids Online, a third of children in the Philippines have been reported to have seen sexual images throughout the year of 2018.

The recent KSN data showed Filipino kids’ interest in weapons also went up from 0.12% in January 2020 to 0.53% in April 2020.

Spending a few minutes with your child before bed each day, talking about their good and bad encounters, including their online activities, will help normalize the conversation. Over time, such a conversation will feel less like making a special effort for parents to “check in” and will contribute to a family’s cybersmart approach to safety.

5. Educate yourself

Kaspersky suggests for parents to catch up with the cyberworld and to plan their conversations with their children ahead of time. There are also advanced solutions like Kaspersky Total Security 2020 that’s loaded with the Safe Kids feature to help parents protect their kids when online.

“Use the resources available around you. As parents, we want the best for our kids and we are learning as we go. Our own approach will be different from the next parent and it’s totally fine. We have the technology, up-to-date information provided by organizations and companies and we have our fellow parents to ask for help. We found that when parents pool their wisdom and provide their kids with specific, practical and timely advice delivered in a way that is useful and memorable, that’s how they become effective in raising their kids safer in a digital world,” said Yeo Siang Tiong, general manager for Kaspersky Southeast Asia.

Kaspersky Total Security 2020 is a great tool to help parents look after their children when online.

Parents will also appreciate the security solution’s adult site blocker, screen time manager, app use controls and social network tracker (because kids now have their own Facebook, Instagram and Twitter accounts!). With the GPS child-locator in Kaspersky Total Security 2020, parents can even check their kid’s location and find out if the child steps beyond the safe area specified.

“In one of the surveys in the past where children were asked globally, 75% of the kids said they’d feel safer if they could speak with their parents about online dangers. Again, we start by educating ourselves and choosing the correct tools to help us and kids each to stay safe online,” Yeo added.

The single-user license of Kaspersky Total Security 2020 retails for Php 1,390. KTS is now available in all major IT stores nationwide.