Cybersecurity has become one of the main priorities for millions of companies worldwide, due to the explosive increase in mobile tools, payment gateways and banking applications, which have revealed a worrying fragility in the digital ecosystem.
According to global data from consulting firm Cybersecurity Ventures, in 2015 an attack occurred every two minutes, translating into business costs of almost $325 million. Extrapolated to the present, the figures are worrying, since a cyberfraud now occurs every 11 seconds and the losses generated are estimated at over US $20 billion!
Although there is a wide variety of cyberfraud techniques that stalk millions of users and companies daily, the IBM Security organization, through its annual report X-Force Threat Intelligence Index, detected the main attacks that affected Latin America during 2021 were ransomware, corporate e-mails and identity theft.
Another of the most frequent cyberfraud techniques that affects a significant number of users is phishing. Data from a survey conducted by the global company TransUnion, positions it as.
The most common cyberattack is completed by the installation of malicious software, better known as a watering hole. This type of spyware can occur when browsing suspicious websites or opening e-mails from unknown senders. In most of these situations, without even realizing it, users install malicious programs that give third parties access to their private information, such as financial and personal data.
When looking at the industries that are most vulnerable to this type of fraud, manufacturing ranks highest with 22%, retail and wholesale follow with 20% and the financial and insurance sectors are targeted by 15% of cyberattacks.
What about the cloud?
Migration to the cloud has also experienced a strong rise in recent years, boosted by the new hybrid work modalities that have been adopted by a significant number of companies.
According to a study carried out by Palo Alto Networks, a company specializing in cybersecurity, certain vulnerabilities were detected in the cloud infrastructure in two areas: excessive documentation permissions and weak password security.
How is cybersecurity reinforced within a company?
For Diego Valenzuela, CTO of Tiaxa, the strategy that a company needs to reinforce its cybersecurity levels against attacks such as ransomware, spam e-mails and even strengthening the security of work in the cloud, has to focus on several aspects related to real knowledge of the danger that fraud entails, its consequences and as an internal policy that includes all work teams.
“Cybersecurity is an aspect that must be addressed in all areas of the organization. There must be a culture in the company that allows us not only to take it seriously, but also to act, work, train and educate ourselves to mitigate the risks involved. It is not only the responsibility of the Information Security Officer and his or her team, it is the responsibility of the entire company to get involved and adapt its way of working in favor of mitigating the risks and best practices associated with cybersecurity”, he explains.
How are the solutions that Tiaxa develops for its clients effective against this type of attack?
The way to build a solution that contributes to fraud prevention must include several stages and processes. In this regard, Diego shares that knowledge in the area of cybersecurity is not absolute; on the contrary, year after year fraudsters discover new ways to defraud users; and therefore, ongoing training and development is essential for the teams.
“The implementation of policies and processes is the basis for being protected. Vulnerability analysis, access controls, Data Loss Prevention, Monitoring at all layers, HIDS, to name a few, are practices that Tiaxa has implemented and are constantly evaluating and evolving. A process is not only written, the person in charge, the roles and people involved must be clearly defined, and then the process is implemented, tested, audited and perfected.
As Tiaxa we approach each one of the processes with seriousness and professionalism, some in specific areas and others general to the organization”.
If you need more information, you can complete the following form and we will contact you shortly.