As the world becomes increasingly reliant on networks and technology, threats to the security of information and data of companies and users are on the rise, affecting business continuity.
For this reason, cybersecurity must be a priority issue in the corporate world to ensure the confidentiality, integrity and availability of information.
What are the threats?
All organisations are potential targets of a cyber attack. Cybercriminals often choose the weakest link to act: the user.
The most common user attack is known as phishing. Attackers impersonate trustworthy companies or individuals to obtain confidential information. In most cases, they impersonate financial institutions, with the aim of obtaining bank or credit account credentials from their victims. Juniper Research estimates that 33 billion pieces of personal data will be stolen by 2023.
One of the most common cybercrimes is ransomware: this is a type of malicious software that prevents users from accessing the system or their personal files and demands a ransom to get it back. It affects all operating systems (Windows, Mac, Linux) and any device (PC, mobile, tablet).
On average, hackers launched a ransomware attack in 2020. every 10 seconds. According to a researchresearch, the number of such attacks globally increased by 102% in the first half of 2021 compared to the start of 2020, and there is no sign of it slowing down. Teleworking, spurred by the pandemic, is one of the causes of the increase in cases.
What can be done to prevent cyber-attacks?
Risk management, a key action to prevent cyber-attacks, does not seem to be a priority for companies: 45% of Uruguayan companies do not have a specialised IT security area.
From Isbel we recommend to establish and maintain updated security systems and plans. One of the first steps is to raise awareness.
Raising awareness among teams
Fostering a security culture to raise risk awareness among the company's employees is the starting point for an information security strategy. For example, it is essential to train users to prevent them from accessing suspicious links or downloading untrusted files, and to educate them to develop the ability to distinguish between a genuine email and one that is intended to impersonate an institution's identity.
Email is the first gate way to an organisation's network, so in addition to training staff, it is necessary to have effective tools to identify and block phishing and other threats.
Upgrading operating systems
It is also important to keep operating systems up to date with security patches. Another common technique to mitigate the impact of this type of attack is to make regular backups of critical company information. For companies using virtual servers, it is advisable to install a micro-segmentation solution to analyse and protect east-west traffic between virtual machines. Companies used not to monitor this traffic, but only connections to other networks or the internet.
Another indispensable element is a firewall that fulfils the functions of a next-generation firewall. It is also advisable to consider intelligent technologies that detect zero-day threats, i.e. those that have not been previously identified and reported. Unlike most firewalls, which rely on a signature list of known attacks and threats, intelligent firewalls analyse network behaviour for deviations from the normal pattern of operation. This makes it possible to detect zero-day threats.
Today, it is critical to have an extra layer of security in the form of two- or three-factor authentication keys to ensure network security. With this system, data is requested that the user knows, such as their username and password, and also requires an element that the user possesses, such as a USB token or key that they receive on their mobile device. In recent years, it has become more common to adopt biometric tools for authentication. Examples include fingerprint or iris reading, as well as facial or voice recognition.
Investing in information security systems
Finally, it is essential to invest in cyber security systems . These crimes are constantly evolving towards more sophisticated attacks and it is therefore essential to help companies identify their investment priorities according to the assets they want to protect. To this end, we recommend considering aspects such as:
1. Build cyber security on a solid foundation. Invest in the essential tools as a minimum requirement, but keep an eye on security innovations that are one step ahead of future incidents.
2. Conduct testing. Do not simply purchase a security system, but carry out regular tests to identify vulnerabilities. This is where we find ethical hacking practices, which are based on trying to penetrate security systems to detect and fix vulnerabilities.
3. Invest in information security. In 2020, ransomware attacks alone are estimated to have cost organisations around the world close to $20 trillion. This is almost 75% higher than in 2019. It should be a priority for businesses of all sizes, as a cyber-attack can cripple their business.
It has become essential to have experts and adequate protection systems in place. It is advisable to have security plans, as well as to have well defined what software and/or hardware is convenient for the company to acquire.
While it is not possible to predict what the next attack will be, there are practices and technologies that allow organisations to ensure certain levels of information security. Where threats cannot be blocked, recommendations can minimise the impact on business operations.