Monday, 17 december 2018 | Redacción CEU
Companies have to look inwards in order to face the adaptation process that new technologies require. This is a deep and meaningful change in mindset that should be as critical as constructive. Only in this way will they succeed in achieving an important and complex goal: fitting in a work model which is experiencing a constant evolution. This effort to deal with the current business metamorphosis in the right way is not useless. On the contrary, it promises great advantages such as reducing costs, increasing productivity and profitability, attracting the best talent and driving innovation. But, in the same way that it brings great benefits, it also implies certain risks. Now, more than ever, companies have to pay special attention to digital security. This transformation process involves confronting new threats which were until now unknown. Which are these threats? What guidelines should companies follow to deal in the best possible way with the cybersecurity challenge?
According to Incibe, Spanish National Cybersecurity Institute, in 2017, there were 120,000 security incidents in Spain. 116,000 of them were related to citizens and companies. It is important to note that these figures only refer to the incidents that were registered. This fact does not mean that they represent the total amount of incidents nor that all of them were cybercrimes.
Another study which is more recent, the Norton Cyber Security Insights Report 2018, states that 33% of Spaniards have been victims of cybercrimes. According to this study, Spain occupies a striking third place in the world ranking of cyber-attacks (behind countries like the United States and the United Kingdom). In fact, some media point out that, according to these data, suffering a cyber-attack is more likely to happen than having an allergy. So, it is not surprising that companies are increasingly worried about the cybersecurity challenge, since the threat is proportional to the level of development of these new technologies which, obviously, do not stop growing.
Small companies are also exposed to big risks
It is not true that just large companies are vulnerable to attacks. In fact, small firms tend to be more exposed. From a small craft business to a prestigious bank, they may be susceptible to being placed in the line of fire of cybercriminals. These attacks are not usually governed by aspects such as business volume, fame and economic prospects, but rather by how vulnerable and exposed to attacks some companies may turn out to be. On the other hand, the most devastating consequences do not necessarily have to be economic (although, of course, they can amount to millionaire losses), they can also be reputational and legal.
95% of incidents in cybersecurity are due to human mistakes. This is the percentage that was revealed in the report IBM X-Force Threat Intelligence Index 2018 (a study which was carried out by several IBM security researchers). Cybercriminals take advantage of the naivety, lack of attention and lack of information of users to obtain valuable information and develop all kinds of tactics and trickeries. This practice is known as social engineering. Therefore, if companies do not want to expose themselves to these threats, they should pay special attention to training employees in cybersecurity properly and warn them about the risks that they may face.