News

How to Create an Effective Cyber Security Plan

In order to have an effective cyber security plan, first, you need to know what assets must be protected, whether they are material or immaterial nature (buildings, computers, programs, data ...). Once you know this, the possible vulnerabilities must be investigated to determine the risks and how to prevent, avoid or eliminate them. Once this is determined, the plan is done.

In the first half of 2017, computer equipment around the world was affected by a harmful program called "WannaCry." Once executed, it encoded data in such a way that prevented the normal function the programs. Users were forced to pay in bitcoin to some address on the dark web. After the payment was made, they received the key to decode the data and to be able to return to normal, if such a situation of abuse could be called that. When either private individuals or employees received an email simulating a well-known company and executed an attached program, they started the hacking process.

Why were both individuals and businesses affected? Because the path they followed the same simple and easy path of deception. Since in both cases they had received an email that simulated a company known in the market and clicked on an attachment, they started an unstoppable process. Could the previous situation have been avoided?

Intentional Collaboration?

Today we know that in the world there are many people dedicated to understanding the vulnerabilities of operating systems, whether for large corporations or for security services, and some even sponsored by countries. These people could facilitate this group, given their deep knowledge of theme, and allow them to perform intrusive cyber-attacks. But apart from this specialisation, it is necessary to add the importance of the collaboration, intentional or not, of people who receive or use emails. Some additional questions arise, do all employees need access to the internet? Can everyone enter or remove data by clicking on an external hard drive (USB) or similar? What employees can have open communications? Which ones are restricted or not restricted at all? Are their passwords safe? If they are responsible for our computers, do we apply the security policies that software manufacturers recommend? It has been found that although many companies are aware of the vulnerability, they do not apply the appropriate policies.

All this leads us to think about how much time and money should be devoted to cybersecurity and how strict company policies should be. Questions that everyone has to answer in one way or another. Finally, companies must prevent cybersecurity from being an activity that prevents the daily development of any business and convert it into an ally that allows working safely. Although certain processes and procedures must be followed, we must have an adequate communication policy.

Only a small group of companies are harnessing the potential of AI.

A new study by Boston Consulting Group and MIT Sloan Management Review reveals growing concern among executives about the risks of AI. It also highlights the five organisational behaviours that companies that are successfully harnessing the value of AI have in common. After several decades of progress,...

Mirian Izquierdo -- Why family businesses need to be transformed through boards of directors and independent directors

Much of the research comparing the financial performance of family firms with that of non-family firms emphasises that family firms outperform other firms. However, several studies since the research: Board Composition, Balancing Family Influence in S&P 500 firms (Anderson, Reeb 2004) conclude that by eliminating family firms from the financial results, family firms outperform non-family...

Repitition (I): Side A

Although not unexpectedly, it is most unusual that cautions and objections to the televised debates of candidates for senators and representatives have to be repeated, like the elections themselves, only six months later. Already spring of this year saw four electoral calls (general, European, municipal, autonomic) in April and May...

-- Víctor Valentín: "Now is the time to reinforce the crime of glorification".

PROA interviews Víctor Valentín, vice-president of the association Dignity and Justice and expert in anti-terrorism issues on the situation of ETA prisoners, the escape of terrorists and crimes of glorification. This VIDEO can be reproduced as long as PROA is mentioned as the source...

Victoria Ortega: The technological transformation in justice is absolutely necessary

Victoria Ortega, president of the General Council of Spanish Lawyers, talks with Valvanuz Serna Ruiz, PROA's managing partner, about the changes that the judiciary is facing as a result of the pandemic and how the technological transformation has been and is key for the sector. In this interview, Ortega...

Economic outlook for 2020: improved trade, high liquidity and low risk of recession

In a recent conference organised by the ASEAFI financial advisory board in Madrid, Arcano Partners' economist, Leopoldo Torralba, explained his vision of the economy for the year 2020. A year that a priori appears better than the previous one, with less geopolitical uncertainties and glimpses of recovery in the European...

More conversations, more ideas, more PROA.
Follow us on our networks.

Receive ideas with criteria

Every week we share reflections, trends and the key aspects of about reputation, strategic communication, public affairs and innovation. Content designed for professionals who value information with diligence and perspective.