Johan Bernal N.
3 min read
As companies start their digital transformation processes and people make their transition to the virtual world, the risks of suffering attacks on their technological infrastructures increase. Especially since the emergence of the COVID-19 pandemic, where cybercriminals took advantage of the migrations of thousands of companies and users to steal their data and valuable information.
What is the current regional picture?
So far this year, cyber-attacks have increased by 24% compared to the first eight months of 2020, according to cybersecurity experts. So the growth of these violations has triggered a constant struggle between the development and implementation of new processes and tools that increase protection and decrease the vulnerability of security systems.
Nowadays, any information leak or failure of these systems can cause losses ranging from millions of dollars to the end of a company. That is why an investment in cybersecurity is relevant to prevent getting compromised information from a company or its customers.
According to experts, cybercrime is more willing to attack the most vulnerable digital assets and its most common tactic in companies is Phishing, which consists of "fishing" victims through keywords or questions to obtain information and make fraudulent use of it. In addition to malware, which are programs with a malicious structure divided into computer viruses, worms, Trojans, spyware, adware, and ransomware.
And the real problem is that despite the number of fraudulent tactics that exist, companies are still reluctant to take action. That is why specialized surveys show that 77% of organizations today do not have a cybersecurity incident response plan; and to reduce the risk of cyberattacks, prevention and action are fundamental.
What actions can I develop to take care of my information?
As a company:
- Establish an inventory of cyber theft risks and tactics that exist today: What information should my company protect which would cause a crisis if it is leaked or stolen?
- What data should be protected from my competitors or my users with a higher level of security?
- What IT security vulnerabilities could mean fines, legal costs, reduced revenue, or sales?
Prioritize a series of tactics that will keep me secure:
- Keep both my hardware and software up to date.
- Have a backup system in place.
- Ongoing cybersecurity training and education for all staff.
- Periodic reviews and updates of security processes.
- Contracting specialized and guaranteed cybersecurity services.
- Always access my devices through a VPN. Remote access must always be done securely.
- Have a specialized antivirus (basic or free solutions are not capable of detecting all malware or cyber threats).
- Apply the 3-2-1 backup rule:
*Have at least 3 copies
*At least 2 different formats/media
*At least 1 of them should be outside the Data Center or in a remote location (offline).
As a user:
- Secure your electronic devices: Do not allow the devices to fall into the hands of strangers who can steal your personal information.
- Don't trust public WIFI networks: Try to connect to the Internet from secure networks that allow you to always keep your security first.
- Check and update your passwords: They should contain a mix of alphanumeric characters and signs, not forgetting to use both upper and lower case letters.
- Check links, web pages, and social profiles: Tools such as Google Malware Checker will allow you to analyze links so that they cannot breach the security of your devices.
- Do not open suspicious attachments: If you do not know the origin of a file, it would be better not to open it as you could have a bad time.
- Be careful with downloads: Try to extract and manipulate information only from known, trusted, and verified accounts, since some malware camouflages itself inside files that are hosted on the Internet.
- Do not share personal information: Be it photos, files, or personal data, always try to keep your most valuable data safe from cybercriminals.
- Make a backup copy: Having backups will allow you not to lose your most valuable information if your devices are breached or fail.
To sum up:
Security is perhaps the most important aspect to be taken into account by users surfing the Internet. It is necessary to take into account that when you upload a document or file to the web, it is encrypted in the system, making it practically impossible to disappear from there.
Whether you are taking care of your personal information or that of your company, it is important that you do not underestimate the reach that cybercriminals can have and always prioritize digital security issues, since some of your most precious files are in the wrong hands can have terrible consequences.