In order to have an effective cyber security plan, first, you need to know what assets must be protected, whether they are material or immaterial nature (buildings, computers, programs, data ...). Once you know this, the possible vulnerabilities must be investigated to determine the risks and how to prevent, avoid or eliminate them. Once this is determined, the plan is done.
In the first half of 2017, computer equipment around the world was affected by a harmful program called "WannaCry." Once executed, it encoded data in such a way that prevented the normal function the programs. Users were forced to pay in bitcoin to some address on the dark web. After the payment was made, they received the key to decode the data and to be able to return to normal, if such a situation of abuse could be called that. When either private individuals or employees received an email simulating a well-known company and executed an attached program, they started the hacking process.
Why were both individuals and businesses affected? Because the path they followed the same simple and easy path of deception. Since in both cases they had received an email that simulated a company known in the market and clicked on an attachment, they started an unstoppable process. Could the previous situation have been avoided?
Intentional Collaboration?
Today we know that in the world there are many people dedicated to understanding the vulnerabilities of operating systems, whether for large corporations or for security services, and some even sponsored by countries. These people could facilitate this group, given their deep knowledge of theme, and allow them to perform intrusive cyber-attacks. But apart from this specialisation, it is necessary to add the importance of the collaboration, intentional or not, of people who receive or use emails. Some additional questions arise, do all employees need access to the internet? Can everyone enter or remove data by clicking on an external hard drive (USB) or similar? What employees can have open communications? Which ones are restricted or not restricted at all? Are their passwords safe? If they are responsible for our computers, do we apply the security policies that software manufacturers recommend? It has been found that although many companies are aware of the vulnerability, they do not apply the appropriate policies.
All this leads us to think about how much time and money should be devoted to cybersecurity and how strict company policies should be. Questions that everyone has to answer in one way or another. Finally, companies must prevent cybersecurity from being an activity that prevents the daily development of any business and convert it into an ally that allows working safely. Although certain processes and procedures must be followed, we must have an adequate communication policy.