In Mexico, 87% of people have had cybersecurity incidents. It is the opposite to what many people think, companies can also be victims of these cyberattacks.
The Internet has become a public space where the activities that take place online are inherent to those that take place on the physical plane and vice versa.
A large part of the institutions, the economy and the social movements have migrated to the Internet. With that it has also changed an evil that afflicts a large part of the population: security incidents.
According to the 2017 Information Security Study in Mexico made by the consultancy PriceWaterhouseCoopers (PwC), the main source of security incidents in Mexico come from insiders. Among these security incidents we find 44.5% which are attributed to former employees, 34.3% to hackers and 31.2% to competitors.
However, only 47.3% of companies in the country monitor such incidents. As for the remaining percentage, 25.4% plan to implement it next year.
Like with any new project, the strategy that a company must implement to stay protected from any attack can be complicated or even confusing.
However, it is a necessary step because PwC refers in its report that cybersecurity has the ability to make the growth of the organization easier and more efficient, which can give, to the organizations, market advantages and help to build and consolidate their brand.
With this in mind, we share 4 tips that Mauricio Cárdenas, Head of Operation Infrastructure at NIC Mexico, recommends to improve the cybersecurity of your company:
1. Take care of passwords
The recommendation for passwords is almost always the same: 8 characters including capital letters, numbers and / or symbols. In the end, they are very difficult for a human to remember but relatively easy for a machine to guess.
The most recommended is to have a 20-character password – it does not need to be capitalized – easy to remember but very difficult to guess as the following comic explains:
Finally, it is important not to write down passwords on post-its or any physical place, the most recommended is to use a password manager like Password Gorilla.
2. Use a firewall
A firewall is a computing device that allows filtering traffic that goes in and out of a network, it can be physical (hardware) or installed (software). This tool is essential to secure computers since it can help stop external attacks that come from other computers.
3. Deny permissions
It is important that in your network you only allow entry and access to what you know and need. Opening more doors than necessary is increasing the chances of an incident.
In addition, it is recommended that several steps are required to arrive at company documents. Their access, also, should be granted only to those who need them.
4. Train staff
Last but not least, the final touch to the cybersecurity strategy should be a trained staff. Human beings are the weakest links, even if networks have the most advanced security technology, people are a key part of accessing them and thinking about the human factor, it is easy to fall for phishing or other attacks.
As Mauricio said, people are very creative in doing evil. For this reason, it is essential to protect the networks and documents of your company as well as possible. However, it is important to note that security in its entirety does not exist.
Finally, security is an emotion, so nothing can guarantee 100% that you are protected. However, the more walls you build, the less likely someone is to knock them down. The key is to have a good cybersecurity strategy, never let your guard down and update the security techniques whenever they require it.