Cybersecurity is, today, one of the main aspects that companies that are in the midst of their digital transformation process must take into account. However, today, there is still much to do, since it is usually associated with large corporations, however, regardless of the size of your business, there are certain guidelines that you must cover. Today we bring you five basic tips for you to take the first steps towards improving the online security of your business.
The concept of security has evolved a lot with the arrival of the digital era. Now not only do you have to physically protect the offices, but you also have to do it digitally. Regardless of the size of our business, the lack of security in the processes that are carried out digitally can have catastrophic consequences.
According to the latest Cisco cybersecurity report, hackers continue to make their strategies more sophisticated. Last year saw the arrival of ransomware crypto-worms and criminals who simulated the installation of ransomware, who do not really look for a ransom, but rather the removal of data from the system.
Cybercriminals are also taking advantage of other gateways such as cloud services or IoT (Internet of Things) devices. These last ones are especially very few insurance at present and the organizations seem that they are not putting any remedy because they are not conscious of the potential danger that suppose.
Those responsible for security have to be prepared for these and other new threats that continue to arrive throughout the year, such as those focused on machine learning and artificial intelligence and others camouflaged within encrypted web traffic.
As for statistics, the National Institute of Cybersecurity (INCIBE by its acronym in Spanish) certifies that electronic threats do not stop increasing year after year, both from a purely criminal point of view and within a new context called cyberwar, which occurs between several countries through external agents.
The INCIBE declared that during the year 2017 there were 123,064 incidents of computer security, which means an increase of 6.77% compared to last year. Of these attacks, 116,642 were directed to companies and citizens, 885 to strategic operators and 5,537 are within the academic scope of the RedIRIS. This agency was able to resolve 2,425 ransomware incidents in a satisfactory manner and warned of 18,111 new vulnerabilities.
On the other hand, the Office of Security of the Internet (OSI), whose objective is the awareness of the importance of cybersecurity, attended 4,354 queries of citizens and sent 131.857 notifications of the Antibotnet service.
A study by Norton states that almost half of the adult population online (16.5 million people) has been the victim of a cyber-attack in 2017, which has entailed a total cost of 1,750 million euros.
Taking all these data into account, the importance of cybersecurity in companies is demonstrated, so let’s see how it can be improved so as not to be the victim of one of the many attacks that take place every year in Spain and around the world.
Apply biometric technology
Passwords will soon be left behind due to the advantages offered by biometric technology. This has a series of characteristics and common elements that make it an option to take into account: universality, uniqueness, permanence in time and in different environmental conditions and quantitatively measurable.
Biometrics is used mainly in security as a form of authentication (among other uses) analyzing their physical characteristics, such as iris or fingerprint, or their behavior, such as voice or writing. The INCIBE considers this technology as a good means of controlling physical and logical access and the fight against fraud. And together with traditional passwords, it makes it a very secure method.
Betting on robust authentication solutions
The digital signature is a very practical tool when doing business, since it eliminates geographical restrictions and allows signing any document from anywhere (the universal signature goes further: any device, any operating system).
This signature must be protected in some way to avoid possible fraudulent use and for that there are solutions such as Viafirma, our system of key custody and centralized signature with robust authentication (at least by two procedures) of identities.
Train your employees
Sometimes many problems can be avoided with a good training to workers, who can easily avoid traps that criminals tend if they are properly informed on this issue.
Therefore, it is important a continuous training plan in cybersecurity and promote this type of culture within the company, so workers will be able to take preventive measures, identify suspicious activities such as emails suspected of incorporating a computer virus attached, distinguish a fraudulent website, illegal requests for data or know when the network is suffering a cyber-attack and how to act in each case.
In addition to training as such, it is important to have security protocols based on the level of access to information that each employee has and their level of responsibility. Creating habits as simple as limiting access to certain websites or even working with remote machines when it comes to sensitive information are some of the aspects that you can incorporate into the day to day of your company to increase the degree of security in a simple way.
Have a cybersecurity officer
There are certain companies that because of the sensitivity or the volume of data handled; it is advisable that they have a specialist in cybersecurity in their workforce to protect them from possible external attacks.
This person should also coordinate the training classes we talked about in the previous point and implement a cybersecurity policy and make sure that it is complied with.
Keep the software updated
Another way in which it is possible for malware to sneak into a company is through security holes or vulnerabilities in corporate software, which hackers take advantage of to enter unsuspectingly with the unfortunately famous exploits.
Software manufacturers are constantly working to improve and solve possible security problems, so it is always advisable to have the latest stable version installed.
In short, the cybersecurity of the company is a very serious matter, which must be given the importance it has. Attacks by cybercriminals can result in huge losses, both economic and valuable information. Therefore it is always advisable to take all possible measures to prevent this from happening. Digital is safe, but you have to have the right media and professionals.