5 errors in the security strategy that put corporate information at risk – Cepymenews Your browser is not updated, it may not show all the characteristics of this and other websites.
You can update it here
16 | 09 | twenty-one
Information Security Day
2021-04-09 Updated 09 | 04 | 2021 11:25
Corporate information security strategy
Every November 30, Information Security Day is celebrated, a date that focuses on the protection of corporate data and the measures necessary to achieve it.
Now that the coronavirus has completely changed the way many companies act and, therefore, many employees have been telecommuting for months, it is more important than ever to reinforce cybersecurity levels. For this reason, Check Point® Software Technologies Ltd. (NASDAQ: CHKP) reveals five mistakes companies make when designing their main security strategies:
- Obviating the need to secure email: Despite being an essential element in any company, hardly any security measures are used to protect corporate email. However, according to the Threat Intelligence Report by Check Point, email is the main attack vector by cybercriminals against companies: 7 out of 10 malicious files arrive through email. Likewise, the company’s report indicates that a third of malicious files have the extension .exe, that is, they are executable files that, once the user clicks, starts the download of computer viruses on the computer. Therefore, securing this asset is key, since it is one of the most used ways to share corporate information, especially as a result of the introduction of teleworking.
- Not protecting the cloud properly: teleworking has driven migration to the cloud. This process, due to the circumstances, has been carried out quickly but without the necessary security measures. In fact, according to the Cloud Security Report 2020, 3 out of 4 companies are concerned or very concerned about cloud security, and 68% point to misconfiguration as the number one cybersecurity concern. Added to this is the fact that more than half of companies (52%) believe that the risk of security breaches in cloud infrastructures is greater.
- Use unprotected devices: Now that more and more personal and corporate devices are connected to the corporate network, the risk of not having robust protection is much greater. Therefore, implement security measures on mobile devices such as laptops, tablets or smartphones it is essential to protect a company against cyberattacks. To remedy this, it is essential to equip these products with security software that prevents access to the information it stores, as well as threat prevention.
- Remote connections without VPN: With the new remote work model, millions of professionals work from home through their home internet connection, that is, relying on the basic security of their provider but without using VPN networks (Virtual Private Networks) to access corporate information in remote. For this reason, they warn of the need to use this type of security measures, since they encrypt the flow of information between the computer and the server, preventing a cybercriminal from accessing it.
- Not training employees: Most companies place great importance on external threats, but rarely take into account the errors that can occur in their own system. To prevent these types of threats from affecting companies, it is essential to promote the training of employees so that they are able to identify and block cyberattacks and, with this, be able to avoid consequences such as the blocking of devices or files, or the theft of data confidential. It is important to remember that with this type of cybersecurity training the company will be able to make its staff the first barrier to protect the company against cyberattacks.
“Today it is imperative to have a good protection system in companies, as the attack surface and potential targets of cybercriminals have increased. The arrival of COVID-19 and its consequences in the way of working has caught many companies on the wrong foot and without the necessary security levels to face the challenges of the new reality. For this reason, it is key that companies take a step forward in terms of protection, since there are no second chances in cybersecurity ”, says Eusebio Nieva, Check Point’s technical director for Spain and Portugal.
It also highlights the need to protect all corporate computers and networks. To do this, they advise companies to opt for implementing a cybersecurity strategy based on proactive and based on threat prevention. In this way, the risks and consequences derived from being the victim of a cyber threat are prevented, thus protecting sensitive information.
Loading news …
Weekly newsletter with the most important news, information on grants and financing, tools, networking, tips, events and much more.
Important information about cookies
This web portal of cepymenews.es uses its own and third-party cookies to collect information that helps optimize your visit. Cookies are not used to collect personal information. You can allow or reject its use, you can also change its settings whenever you want. You have more information in our Cookies Policy.
I accept Configure