Safeguarding the integrity of companies and identifying the total number of vulnerabilities that an unauthorized user can use are an essential part of an appropriate cybersecurity strategy. As well as avoiding intrusion into the system and data theft on risky surfaces, according to specialists. These statements took place at the Mexico Cybersecurity Summit 2021, where experts from technology organizations met to discuss and propose new solutions in cybersecurity.
Also, experts emphasize, users are usually the weakest part of a company’s technology chain, however, they can become the strongest barrier against cyberattacks. They show how a successful strategy consists of understanding that people are essential as part of the process and integrating them into the holistic plan, which reacts proactively to any possible risk.
They also assert, as individuals and companies make use of the cloud or social media applications, the surface of risk expands. “Without conscience they can leak personal and professional information to other corporations and even to other countries,” was the statement made by Enrique López, INVEX’s director of cybersecurity, during said summit.
Data Warden, a company that provides cyber security solutions, pointed out for NotiPress: “Visibility is the key to properly mapping risk surfaces.” In the same way that in the Cybersecurity Summit, Ernesto Rosales, its director of the managed service added that these can increase through the most common technological tools used today.
“The cloud is linked to our digital footprint, this leaves us exposed to criminals and gives them a broader window of opportunity to access our data. It reveals information that we have or use, but most do not know how vulnerable they are,” reiterates Rosales .
Erick Ayala, Data Warren’s business development manager, specifies poor visibility as a major problem and argues “it means that we do not have control of our digital infrastructure as it is a service provided by a third party.” He even points out, this started since employees began working from home by sharing the network with others, putting their company’s devices at risk.
Regarding threats from network connections, agencies will take measures to protect workers’ information, even if they are not working. This due to poor data protection, which often exposes the priorities of a company, they explain illustrated in the matter. However, they argue, there is no one-size-fits-all solution, as each company has different business processes and their understanding is essential to identify the data that each business must monitor. To reduce the risk surface, companies will need to be aware of their critical processes and the areas where they are likely to be most affected in the event of an attack.
“It is vital to implement an internal approach, which follows the principles of the Center for Internet Security (CIS), focused on limiting the control of hardware and software assets”, complemented once again the director of the managed service of Data Warden. In addition, agencies must develop incident response management strategies and implement ongoing network testing.
The loss of user information can have serious consequences, and there are multiple risks for businesses that are not protected, especially in the financial sector. Therefore, monitoring to identify vulnerabilities and invest in cybersecurity tools becomes a necessity, according to the explanations provided by professionals in this area.