2020 Cybersecurity Diagnosis

2020… a year marked in history for all the “difficult challenges” it has brought with it. Leaving aside the very serious health consequences, Covid-19 has inevitably accelerated the digitalization of companies, largely due to teleworking. This has caused cybersecurity breaches and incidents to skyrocket. It is the consequence of haste, lack of preparation and cybercriminals eager to take advantage of the opportunity presented to them: the more networks connected, the larger the attack surface.

Therefore, as the pandemic has also been critical in the digital world, organizations have been forced to take action for the sake of their information security. Today’s “home office” reality poses a problem when it comes to protecting a company’s assets.

Hyper-connectivity is all very well, but it makes us so dependent on technology that, if we lose control, it means very critical losses. We cannot wait for a cyber-attack before taking action.

5 cybersecurity lessons from 2020

This year has intensified the demand for system security in companies. The urgency to keep business up and running in times of pandemic has meant a reprioritization in favor of cybersecurity. Therefore, in this area 2020 leaves us with the following lessons:

  1. Cybersecurity is both a necessity and a responsibility. Many companies implement security only to comply with certain regulations and avoid fines, without realizing that this goes much further and requires strategic plans. If this perception begins to change, we will see much more consolidated and productive companies. Information will be more organized and centralized.
  2. Social engineering is very effective due to the lack of training in security protocols. Lack of staff training makes businesses an easy target. Just wait for an employee to open or click on a malicious link that will render systems inoperative. Security starts with staff training.
  3. Technology is advancing for everyone, because cybercriminals are also updating (perfecting attacks). The implementation of new technologies such as 5G make our lives easier as connection from any device becomes very accessible. But greater network reach does not equal less risk. On the contrary, everything being connected is very dangerous in terms of privacy if you are not cautious and apply good habits.
  4. The importance of segregation of duties. Just because all information is controlled does not mean that anyone can have access to it. Something that is not often talked about (but is imperative in cybersecurity) is that employees are limited to using only the data they need to perform their duties. Otherwise, there could be conflicts of interest, abuses or even fraud. The separation of functions reinforces the principle of minimum privilege.
  5. Create a balance between human and tool. If you mix the logic and talent of a person trained in IT security with the analytics and speed of a prevention tool, companies will gain in accuracy. When it comes to locating and anticipating vulnerabilities or complex breaches that require immediate intervention, businesses will be prepared.

Early cybersecurity forecast for 2021

Briefly summarizing, we would not be wrong to say that attackers will find new, innovative and even more sophisticated ways to get their hands on a company’s most valuable asset: information. As remote work increases, phishing attacks and VPN (Virtual Private Network) attacks are multiplying.

It would also be safe to say that, if businesses continue to be uninformed when it comes to protecting themselves, the increase in successful cyberattacks will be much greater than in other years. The “bad hackers” are becoming more and more specialized in their field, so there will be more economic and reputational losses.

The greater the connection, the greater the investment

The conclusion we can draw from all this is: the only way to avoid or mitigate the effects of cybercrime is to invest in cybersecurity plans and measures. It is already a mandatory requirement.

In a digital transformation process, IT security must be prioritized before everything else. If this part is not covered, the rest of the practices linked to digitalization will not be profitable in the long run.

Cybersecurity should never be dispensed with! Until this is clear, the permanence and optimal performance of a company will depend on luck.

Share this article

Related Posts