How much importance do you attach to IT security in your company? These are times to consider it a priority. Recently, the cybersecurity company Kaspersky Lab revealed that while in 2017 they managed to register, in Latin America, close to 60 million attacks, by August of this year the figure had already exceeded 160 million cases. According to the same firm, seven out of every ten people in Latin America will receive a cyberattack in 2018.
2017 was a difficult year in terms of cybersecurity, we remember the most resounding massive threats: Wannacry and NotPetya. Thanks to these events we started to recognise ransomware as a self-spreading attack that no longer requires human intervention to infect.
Other attacks with media visibility also raised awareness about cybersecurity, for example the case of the Equifax credit monitoring bureau in the United States, where cybercriminals could have exposed the data of 143 million people, the statements of HBO representatives who confirmed an incident to access confidential information on their projects, among others.
After so many events, a future is looming that requires safeguarding network assets, not only because of the sensitivity of the information but also because of the economic impact. The 2018 Cisco Security Capability Benchmarking Study, which provides insight into current security practices, involved more than 3,600 respondents in 26 countries, who said that 53% of the cybersecurity attacks they experienced cost more than US$500,000.
Here are some cybersecurity tips for your business:
Know all the data generated and stored by your company, where it is, how valuable and sensitive it is and how often it is backed up. From here you should set your data protection priorities.
Encrypt. Cisco threat researchers report that 50 percent of global web traffic was encrypted as of October 2017. The availability of low-cost or free SSL certificates and Google Chrome’s accelerated practice of flagging unencrypted websites that handle sensitive information as “not secure” has motivated enterprises to comply with Google’s HTTPS encryption requirement. To overcome the lack of visibility that encryption creates and reduce the time for adversaries to operate, we see more companies exploring the use of machine learning and artificial intelligence, antivirus using these resources employ machine learning classifiers to determine whether a file or URL is malicious or not and their responses are faster and more effective.
Know your clouds. Aviation organisations typically use multiple clouds – public, private and industrial. Someone in the company should know each of these clouds thoroughly, their strengths and security vulnerabilities.
Restrict access. Use different types of permissions to control who can access networks and how they can access data.
Get advice or hire subject matter experts. According to Gartner, 95% of CIOs who participated in its 2018 CIO Agenda survey expect online threats to increase over the next three years, but despite this, only 65% of the companies they work for have a cybersecurity expert on staff.
Finally I recommend an article from the blog “Andalucía es Digital”, where they bring together the predictions of companies that develop antivirus for 2018, we must be prepared and alert to this issue, giving it the importance it deserves is the first step to address the situation!