News

Luis Barreda Gago -- Cyber-attack, companies' worst enemy

Do you have a company? Congratulations on the daily effort it takes to run it. Now, let's do an imagination exercise. Think of a bad day. Not a difficult one, but a really tough day: a key customer cancels a contract, a strategic employee announces he is leaving for a competitor, or a breakdown stops production for hours. Tough, isn't it? Now multiply that bad day by a hundred and imagine the following: your company is the victim of a massive cyber-attack.

Systems are paralysed, the supply chain grinds to a halt, your customers' confidential data has been compromised, the media publishes negative headlines about your company and your consumers lose confidence in your ability to protect their information, expressing their displeasure on social media. If your company is listed, prepare to see the stock plummet, and meanwhile, your legal department informs you that you are exposed to millions of dollars in penalties for non-compliance with data protection regulations. This is not a science fiction scenario: it is the reality of a risk that is growing by the day.

Experts agree that today there are two types of companies: those that have already suffered a cyber-attack and those that will suffer a cyber-attack soon. The extent of the damage depends on the ability to prevent and respond. In a hyper-connected world, where one in five crimes is committed online, a lack of cyber security represents one of the most insidious and costly risks to any organisation.

The economic and human impact

The damage a cyber-attack can cause is devastating. A company's security is only as strong as its weakest link, and often that link is the employee. In 2023, cybercrime accounted for about 1.5 % of global Gross Domestic Product, surpassing even arms trafficking, human trafficking and drug trafficking. Experts project that by 2025 cybercrime will reach an annual cost of $10.5 billion.

Cybercriminals are becoming increasingly sophisticated. They operate in organised groups, with internal structures similar to those of a legitimate company, and use advanced social engineering techniques, high-level technology tools and, more recently, Artificial Intelligence to perfect their attacks. Among the most disturbing threats are deepfakes and deep voice, capable of impersonating executives or trusted employees to induce harmful actions, such as bank transfers or disclosure of sensitive information.

Moreover, cybercriminals have crossed boundaries previously considered inviolable. Whereas a few years ago hospitals were a "no-go zone", attacks on healthcare facilities are now becoming more frequent, putting lives at risk and exposing critical vulnerabilities of essential infrastructures.

The human factor: the most common entry point

Despite technological advances in security, the human factor remains the most frequent gateway for attacks. The lack of training and naivety of some employees is exploited through phishing tactics and other forms of social engineering, making the worker the most vulnerable link in the security chain.

One of the most common cyber-attacks is ransomware: malicious software that encrypts and hijacks company data, demanding a ransom in cryptocurrencies. Many organisations pay, but most never recover their data. Another classic example is denial-of-service attacks, which overwhelm servers and paralyse operations, causing immediate financial and reputational damage.

Cybersecurity and corporate reputation

The impact of a cyber-attack is not limited to loss of data or revenue. Corporate reputation is at stake. Every leak, every negative headline, every customer complaint affects the trust placed in the company. This is why CEOs are beginning to strategically value cyber security, integrating it into crisis management plans and allocating specific resources to information protection.

Failure to comply with regulations, such as the General Data Protection Regulation (GDPR) in the EU, can lead to penalties of up to €20 million, raising the economic risk of a cyber-attack to critical levels. This makes digital security a strategic priority, beyond mere technological protection.

Cybersecurity as a corporate responsibility

Businesses must realise that cyber security is not a luxury or a technical sideline: it is a critical business responsibility. This means investing in advanced protection technologies, continuously training employees, constantly assessing risks and preparing incident response plans. Cybersecurity is, in essence, insurance for business continuity, customer confidence and the protection of the organisation's most valuable assets.

In conclusion, cyber-attacks represent the most dangerous silent enemy of the modern business world. Ignoring or underestimating them can be catastrophic. Protecting information, anticipating threats and training teams is as vital as any strategic decision. Your company's survival, reputation and trust depend on it.

Proa Comunicación collaborates with Hands 2017

Proa Comunicación will participate one more year in the charity auction Hands 17, of the Emalaikat Foundation, an NGO dedicated to the creation and development of sustainable water resources in Africa. The auction will be held on 12 December in Madrid (Casa Club C/Pinar 17) and the entire proceeds will go to the Emalaikat...

-- REINFORCE, an HR strategy and solutions consultancy firm, chooses PROA for its communication management.

REINFORCE ADVISORS GROUP, a firm founded in 2009 by a group of executives with recognised experience in people management, has entrusted PROA with the development of its communication strategy. The firm provides its services directly through a senior team that guarantees added-value advice and a high level of professional...

Sports Trends for 2020

When we predict the trends that will mark the coming year, as well as those to come, the experience shows us how changing an environment can be, where what seems to be the coming bombing, suddenly appears a new technology or event, which immediately breaks down bets whose success was...

--Alfonso Sánchez-Tabernero: "The greatest risk to journalistic ethics is laziness".

When he was a child, Alfonso Sánchez-Tabernero (Salamanca, 1961) did not know - like anyone else - what it was like to be a rector, although his great-grandfather and great-great-grandfather had already directed the University of Salamanca. He dreamed of being a bullfighter, footballer or fireman, and when he arrived at the university he did not think of leading an educational institution either.....

Featured images from the PROA Mental Health Observatory

Formula 1 and its communication shortcomings

In these convulsive moments that we are having to live with the closure of stadiums, circuits, pavilions, the postponement or direct cancellation of major sporting events such as the MotoGP and F1 World Cup races, or the postponement or possible cancellation of sports leagues, the European Cup or even the...

More conversations, more ideas, more PROA.
Follow us on our networks.

Receive ideas with criteria

Every week we share reflections, trends and the key aspects of about reputation, strategic communication, public affairs and innovation. Content designed for professionals who value information with diligence and perspective.