22 February 2017 ,  —


New training provides insight for mobile workforce to avoid falling prey to cyber and information security threats

As reports of corporate information theft continue to rise and cyber crime is predicted to cost business between $2.1 trillion  in 2019 to $6 trillion  by 2021, one area of particular concern is information security while travelling on business. Whether in-transit, or at their destination location, business travellers – and by extension their corporate networks – are potentially more vulnerable to malicious cyber and physical information security threats, which are becoming increasingly sophisticated and audacious in their methods of accessing travellers’ confidential corporate information. 

cyber and information security risk picture main

It is now standard practice for employees to access company information via mobile devices including laptops, smart phones and tablets, while travelling, or to take sensitive documents with them. Although cyber and information security threats are not constrained by geographic boundaries, travel increases the risk. This is because potential attackers may control the infrastructure on which communications travel, or have greater opportunity to gain physical access to a target and their portable devices.  Business travellers are also far more likely to connect to insecure Wi-Fi networks while travelling. As a consequence, away from the office environment, there is greater data vulnerability. 

The vast majority of organisations will have comprehensive information security policies in place to protect their privileged data, but when this information is being legitimately accessed remotely by employees on the move, the compliance challenge to keep company information secure is heightened. Malicious information security threats can also use a variety of human and technical intelligence tactics and techniques to collect information, which complicates efforts to secure commercially sensitive information.

To support companies facing this challenge, Control Risks and International SOS, leading providers of travel security services, have introduced an addition to their range of training resources for organisations – the Cyber and Information Security for Travellers course. This eLearning course aims to create greater awareness and understanding of cyber and information security threats, and provide advice and guidance on how business travellers can reduce their exposure to the risk of data theft.
The online course is scalable, easily accessible and interactive, and is, importantly, designed by experts in cyber, information and travel security experts from the two organisations. 

Alex McSporran, Director at Control Risks and International SOS, said, ‘With the increasing and constantly evolving threat to company information, in particular information accessed or stored on mobile devices, organisations can provide greater protection for their data through targeted, expert training for their employees. This will equip them with a better understanding of the nature of the risk, and the measures they can take to better secure their information. While technical defences remain critical, appropriate training, planning, preparedness and vigilance can make a real difference in thwarting a potential data compromise.'

Top tips to help protect your data whilst on the move:

1   Before you travel, it’s important to research the potential threats to your company’s sensitive commercial information, specific to the location you’ll be visiting. This will enable you to implement effective security measures to help prevent problems during your trip.
2.    Avoid advertising online the exact location or purpose of your business trip. 
3.    Software Update Make sure that all software on your devices (including but not limited to antivirus software) is up-to-date before departure. 
4.    Avoid connecting to non-secure networks (such as public WiFi hotspots) when you travel. Where possible, disable any WiFi and Bluetooth capabilities, which can provide additional entry points for attackers and can be exploited without your knowledge. Turning these off will further reduce the likelihood of sensitive information being stolen from your devices.
5.   In locations assessed as HIGH threat (this may vary from company to company, depending on the nature of their operations), maintain physical control of your devices and sensitive information at all times. Keep your laptop with you as carry-on luggage and do not loan it to anyone while travelling. When you return from a high-threat location, or if you have witnessed any suspicious activity on your devices, ask your IT service desk to check for signs of malware, unauthorized access, corruption or intrusion. Do not connect your devices to sensitive networks until they have been verified as safe.


About International SOS and Control Risks

Our alliance brings together two of the world’s leading medical and security specialists, International SOS and Control Risks. Our combined resources and expertise are well placed to meet the customers’ growing need for integrated travel security risk services. Our solutions ensure that mobile employees are safe and productive and help employers with their duty of care obligations. 50 dedicated experts, located across the globe with access to over 200 dedicated travel security experts through 26 regional Assistance Centres and a partner network of over 700 accredited providers, produce global travel security information and analysis 24/7. We also provide travel security training, preventative travel assessment, support with the development of travel security risk policies, evacuation plans and the latest technology to enable clients to track and communicate with their mobile employees.

Notes to Editors

Key elements of the Cyber and Information Security for Travellers eLearning training course:

1) Understanding cyber and information security threats and risks
  • Recognise who and what may be at risk from threats
  • Understand the different types of threats
  • Understand the methods, tools and techniques used by cyber criminals

2) Mitigating the threats and risks
  • Understand how to determine your level of risk
  • Understand the precautionary measures to be taken to minimise the risk
  • Understand the protective measures to be taken
  • Understand what to do if your device is compromised