Actualidad

How to Create an Effective Cyber Security Plan

In order to have an effective cyber security plan, first, you need to know what assets must be protected, whether they are material or immaterial nature (buildings, computers, programs, data …). Once you know this, the possible vulnerabilities must be investigated to determine the risks and how prevent, avoid or eliminate them. Once this is determined, the plan is done.

In the first half of 2017, computer equipment around the world was affected by a harmful program called “WannaCry.” Once executed, it encoded data in such a way that prevented the normal function the programs. Users were forced to pay in bitcoin to some address on the dark web. After the payment was made, they received the key to decode the data and to be able to return to normal, if such a situation of abuse could be called that. When either private individuals or employees received an email simulating a well-known company and executed an attached program, they started the hacking process.

Why were both individuals and businesses affected? Because the path they followed the same simple and easy path of deception. Since in both cases they had received an email that simulated a company known in the market and clicked on an attachment, they started an unstoppable process. Could the previous situation have been avoided?

Intentional Collaboration?

Today we know that in the world there are many people dedicated to understanding the vulnerabilities of operating systems, whether for large corporations or for security services, and some even sponsored by countries. These people could facilitate this group, given their deep knowledge of theme, and allow them to perform intrusive cyber-attacks. But apart from this specialization, it is necessary to add the importance of the collaboration, intentional or not, of people who receive or use emails. Some additional questions arise, do all employees need access to the internet? Can everyone enter or remove data by clicking on an external hard drive (USB) or similar? What employees can have open communications? Which ones are restricted or no restricted at all? Are their passwords safe? If are responsible for our computers, do we apply the security policies that software manufacturers recommend? It has been found that although many companies are aware of the vulnerability, they do not apply the appropriate policies.

All this leads us to think about how much time and money should be devoted to cybersecurity and how strict company policies should be. Questions that everyone has to answer in one way or another. Finally, companies must prevent cybersecurity from being an activity that prevents the daily development of any business and convert it into an ally that allows working safely. Although certain processes and procedures must be followed, we must have an adequate communication policy.

‘With our brain we won’t go too far’, Dr. Piedrabuena new book

Dr. Rodríguez Piedrabuena reflects about the human brain in a new PROA Comunicación video and gives a preview of his next book contents: ‘With our brain, we won’t go too far’. 

...

Mirian Izquierdo —— «Women in boards make organizations more transparent»

In this interview, Mirian Izquierdo, President of the Woman Forward Foundation, analyses the reasons why the presence of women on the boards of directors has not yet reached the 30% recommended by the CNMV’s Code of Good Governance for 2020, as well as the contributions that women can make to...

Risk auditing, a profitable investment

There isn´t a day that we open the digital version of any newspaper and not encounter a reputational crisis: a company, a public institution, a cultural organization or an NGO accused of illegitimate behavior. Some of the problems they face are of a technical nature: a toxic leak, an unexpected...

El comienzo de las limitaciones normativas en el ámbito de internet: el consejo asesor de contenido de Facebook

El continuo avance tecnológico, junto con la existencia de un mundo cada vez más globalizado y conectado, debe ir acompañado de una regulación normativa que establezca los límites de aquello que está permitido y aquello que supone una vulneración de derechos y libertades, así como también de instituciones u organismos...

Why Data Science degrees are unattractive for STEM students?

According to the Boston Consulting Group and BCG GAMMA report «What’s Keeping Women out of Data Science?«, almost 50% of STEM students believe that data science is excessively theoretical and that work in companies in this discipline still has little impact. Furthermore, there is a feeling that data science is...

Por qué es importante aprender a debatir

Marco Bolognini, socio fundador de Maio Legal, destaca la importancia del debate y la necesidad de que países como España o Italia refuercen su práctica en el sistema educativo. Además, detalla por qué son importantes las habilidades que se aprenden gracias a la cualidad de debatir en el ámbito jurídico....

Más conversaciones, más ideas, más PROA.
Síguenos en nuestras redes.

Recibe ideas con criterio

Cada semana compartimos reflexiones, tendencias y claves sobre reputación, comunicación estratégica, asuntos públicos e innovación. Contenido pensado para profesionales que valoran la información con rigor y perspectiva.