In order to have an effective cybersecurity plan, it is first necessary to know what assets need to be protected, whether tangible or intangible (buildings, computers, software, data, etc.), and then to investigate possible vulnerabilities in order to determine the risks. What is the purpose of the plan? To prevent, avoid or eliminate these risks.
In the first half of last year 2017, many computers around the world were affected by a malware programme called "WannaCryOnce executed on the computers, it encrypted the data in such a way that it prevented the normal execution of the programs. And the users were forced to pay in bitcoin The payment was made and they received the key to decrypt the data and return to normality, if such a situation of abuse could be called that when both individuals and employees received an email pretending to be from a known company and executed an attached programme.
Why were both individuals and companies affected? Because the path they followed until they fell for the scam was easy and simple, since in both cases they had received an email simulating a well-known company in the market and executed an attached programme initiating the process, becoming unstoppable. Could the above situation have been avoided?
Intentional collaboration?
Today, we know that there are many people in the world dedicated to understanding the vulnerabilities of operating systems, whether for large corporations or for security services, even sponsored by countries, which could make it easier for this group to carry out intrusive cyber-attacks on computers. But to this specialisation we have just discussed, we must add the importance of the collaboration, intentional or not, of people who receive or use the email. Some additional questions arise: do all employees need to have access to the internet? can everyone enter or retrieve data by tapping an external hard drive, flash drive or similar? which employees can have open communications? are the passwords that are used secure? If we have computers in our care, do we apply the security policies recommended by software manufacturers? It has been noted and is well known that, even when vulnerabilities are known, many companies do not apply the appropriate policies.
All this leads us to think about how much resources, in time and money, to devote to cyber security and how far to go. These are questions that everyone needs to answer in one way or another. Finally, to prevent cybersecurity from being seen as an activity that impedes the daily development of any business and to see it as an ally that allows us to work safely, even if we have to follow certain processes and procedures, we must have an appropriate communication policy.
Manuel García Ramírez
Director at MGR IT and Security Consultants