Businesses could be at risk from hack attacks due to the large number of employees bringing in new comms devices following the Christmas break. This is according to EY director, cybercrime, investigations Massimo Cotrozzi.

Cotrozzi believes companies without robust cyber defences and BYOD policies are leaving themselves open to harmful attacks from online criminals.

“The new smart mobile/tablet and wearable tech that employees bring into the office could be now connecting via the corporate wireless networks to external cloud systems which, in the best case, have not been appropriately protected, let alone tested,” he said.

“Organisations that are unprepared could be caught napping while hackers are getting in, using employee devices, via the back door.”

The EY Global Information Security Survey, released in October 2014, revealed that 84% of companies see mobile security as a high or medium priority. However, only 41% of respondents said they had plans to increase spending in the area.

High-profile attacks on staff systems in 2014 include the Sony hacking scandal and a case where Morrison’s employees’ payroll data was compromised.

Cotrozzi believes these examples show that cyber thieves are “willing to use innovative means to achieve their goals”.

“This is likely to include targeting employee devices and infecting them with malware,” he warned.

“By taking a pro-active approach… businesses can better understand where the risk for their particular organisation lies, and who’s likely to be targeting them – whether it’s hacktivists, organised crime or other entities.”