How to respond to cyber security challenges in 2023?

Theft of information, blocking of activities, extortion, payment of fines for non-compliance, loss of trust and serious damage to reputation. These are some of the consequences that companies, government bodies and organizations face today as a result of cyber attacks. Their common denominator is the creation of large economic losses.

According to the tenth edition of the report ENISA’s threat landscape, annual report of the European Cyber ​​Security Agency, the main threats during 2022 were: spyware, identity theft, adware, ransomware, supply chain threat and persistent malware. The current trend of these cyber attacks is high and all indications are that it will increase.

According to Adriana Jiménez, IFX Networks Regional Product Manager for Latin America, in her opinion, people and organizations have been victims of a wide range of computer threats. While some act in an obvious way, others do it imperceptibly and remain hidden.

Critical information, considered a company’s most important asset, has become a prime target for criminals. But what do we do to prevent it from falling into their hands?

For IFX Networks, neutralizing threats begins with a determined prevention effort. This commitment must go from the top managers to the employee base of the organization. In this regard, the company proposes the development of a comprehensive cyber security strategy based on three recommendations: risk management, specialized monitoring of cyber security and selection of a qualified strategic ally.

Risk management

The Covid 19 pandemic has brought with it an increase in remote work. Although this modality enabled the continuity of the work of many organizations; also made it clear that we are not prepared to protect data under these new conditions. Each user becomes another headquarters of the company. For this reason, the expansion of the operation also represented increased security risks, explains Adriana Jiménez.

In a post-pandemic scenario, where remote work is consolidated, the areas where an attack can occur coincide with the same work tools. That is, with browsing, e-mail, endpoints, applications and the network.

Here, it is necessary to implement intelligent solutions that protect the company from inappropriate access; review and clear incoming and outgoing e-mail; check for software and hardware updates; guarding and protecting equipment (computers, tablets, smartphones) and other devices involved in the company’s information management, inside and outside its facilities.

Finally, with regard to network security, organizations must have centralized solutions that optimize the Internet channel through firewall rules and content control, internal, external and web access management. Its scope should include intrusion prevention mechanisms, web filtering, antimalware and application control.

Specialized cyber security monitoring

A fundamental component of a cyber security strategy is infrastructure, user and application monitoring. Only in this way is it possible to have visibility of threats that can be realized. For this purpose, it is essential to have a specialized cyber security monitoring service that enables the collection, analysis and correlation of data in a centralized and automatic way, 24 hours a day, 365 days a year. This will enable the prioritization of events and an effective response to any cybersecurity incident.

“Digital transformation also increases risks. We cannot buy a security service and think: everything is peaceful. You need to have visibility into what’s happening online. The fact that we do not observe screen lock, slowness inside the machines, does not mean that something is not happening on the network; or that the user does not do inappropriate things,” warns Adriana Jiménez.

Monitoring and reporting are key. Know what is happening, what is the behavior of the network. Do we have an abnormal situation? Is the user trying to avoid security rules? Is the app broken? It is important to have that visual, know the behavior and support it in the report.

Choosing a qualified strategic ally

It is important to have competent and qualified cyber security experts as part of the IT security team. They must be in charge of planning, organizing and prioritizing all needs and requirements in order to get the best result. Added to this is the importance of having tools that allow for the accurate transfer of passwords, the use of secure protocols, and the sending of classified data.

“In order to optimize costs and time, many organizations are looking for an external security team to guarantee the correct handling of sensitive company data. Choosing this alternative allows them to devote themselves to the development of their business, while specialized companies are in charge of designing, implementing and supporting a comprehensive information security strategy, says Adriana Jiménez.

IFX Networks currently serves more than 4,000 corporate clients in 17 countries in the region. One of its activities is: IFX security solutions, which are part of: SOCAAS: Security operation center as a service; Close Protection 360: service that protects the perimeter network; same as Server and endpoint protection: Tools that guarantee the protection of servers and end devices.

This set of services and solutions is intended to guarantee the availability, privacy and integrity of information, preventing companies and organizations from becoming victims of cyber attacks or computer crimes.