Information is one of a company’s most valuable assets. Having data detection and protection tools and managing a security culture are crucial to preventing or responding to a cyber attack.
Downloading applications from unauthorized sites, connecting to free Wi-Fi networks, creating weak passwords, and opening emails from unknown people are common actions that open the door to hackers.
Colombia is one of the Latin American countries that receives the most attempts at cyber attacks, most of which are directed at companies and government institutions. In the first quarter of 2019 alone, more than 40 billion cyberattacks were carried out. These actions put information about the operation of the company, employees, customers, finances, investors and expansion projects at risk and can lead to data theft, identity theft and scams or phishing .
How to protect the information?
The technology (IT) areas of companies must measure the degree of risk to which they are exposed according to their nature; This does not mean that any are exempt, but that there are organizations, for example financial entities or government institutions, that have a higher risk.
Based on this diagnosis, IT must define the detection systems, IDS, and protection, IPS, of intruders that allow examining the network and ports to recognize suspicious patterns and generate alerts. They must also explore other tools such as antivirus, encryption technologies and security patches, to simulate hacker attacks and assess the ability to defend and respond to these threats.
Testing to adjust the protocols that will protect the company against real actions is an essential step. Luís Martins, Director of Cybersecurity at Multicert, a company focused on providing security solutions and which is Cadena’s ally to develop cybersecurity services in Colombia and the region, affirms that “organizations are subject to attacks with different levels of sophistication that require a response that protects them from the most common ones, while preparing to face the advanced and emerging ones”.
Employees play a very important role in the discovery and inhibition of attacks, as they are the organization’s first line of defense. To create a safety culture, it is important to dialogue and offer periodic training sessions that help them make the right decisions and avoid dangerous actions. These recommendations can decrease the risk of a cyber attack:
- Create passwords for documents that contain sensitive data or information.
- Update the software and operating system to acquire the latest security news.
- Give relevance to the antivirus, its function is to detect and eliminate threats.
- Create strong passwords that are not easy to guess, avoid consecutive digits or names of people.
- Be suspicious of emails sent by unknown senders, if they have links or files, do not open or download them until you verify the identity of the person who sent the email.
- Avoid inserting external devices such as USB flash drives or hard drives because they may contain malicious files.
- Always connect to authorized Wi-Fi networks, public ones are insecure and make you vulnerable to attack.
- Create copies or backups.
Although in organizations there is a risk of being the target of a cyberattack, it is essential to detect threats in order to have a timely response. To achieve this, detection and protection systems and the good habits of collaborators are necessary.
Source: Luís Martins, Director of Cybersecurity at Multicert.