One sunday night the mobile rings. He is responsible for technological operations and cyber security: we have received a ransomware attack. It looks very bad; dozens of servers have been or are being encrypted and various critical databases are inaccessible.
This situation is well known to many people in charge of information technology, who are the true witnesses of the level of vulnerability that companies experience. Exposure to a cyber attack requires a strategy based on risk management and resilience and articulated in five relevant points :
Every organization is at risk: any company is a potential victim of extortion. Attackers will search for vital assets for organizations.
Understand the anatomy of targeted attacks: it is very important to be clear about what to do when
faced with different types of attacks and scenarios. You must understand how each type of threat operates, what risks it entails and what are the solutions for each of the different phases.
Prepare, prepare and prepare: the organizations that suffer the least cyber attacks are those that have planned and prepared.
Stay alert to future threats: cyber attacks evolve. We have to anticipate possible new scenarios and think about the future: what new types of attacks could affect us?
Act now to avoid panic later: most industries are experiencing a steady increase in cyber attacks. Having response processes is essential. And where to start in the case of smes? Are they alone in the face of danger? Today, the vision that foresees marketing models as a service –as a service– is consolidated in cloud computing environments. We already find services such as ciso as a service on the market , a good option for smes to build and govern their cyber security management based on a shared responsibility model, aligning regulatory aspects such as the european network and information directive. Systems (nis).
Cyber security is one of the great challenges for companies. Based on recent studies, accenture reveals that 40% of incidents originate from indirect attacks against weak links in the supply chain. For its part, the company reveals a 650% increase in attacks in the field of software and quantifies data leaks at ibm in losses of millions of dollars.
All of this has caused an increase in the demand for cyber security profiles , and it has been transversal to all areas of cyber security, from perimeter security to network teams , through information security, with specialist profiles in grc and compliance.