Cibersecurity: thinking ahead is key

Gartner estimates that investment in information security and risk management will reach USD 172 billion worldwide in 2022, up from USD 115 billion in 2021. Security expert provides additional details and advice for avoiding attacks.

Both the pandemic and the war between Russia and Ucrania have brought new challenges to the world, including demands for more controls, monitoring, and prevention. Even the scarcity of material, such as microchips, has created the need to look for ways to reuse what you already have or send things to the cloud, which means that these will also need protection.

Pablo Dubois, Regional Security Product Manager for Lumen Technologies in Latin America, believes that as cyberattacks become more commonplace and sophisticated, companies need comprehensive security solutions to protect their critical data and applications.

Additionally, the executive raises some topics that require further attention:

Training of personnel responsible for managing the company’s or customers’ sensitive data.
Thinking ahead, companies must do more than simply detect and prevent malicious activity; they must consider that they have already been attacked and need to anticipate the response to this situation.

That way, companies will focus on dealing with an increasingly complex framework for action. According to an Interpol[1] report, due to the pandemic, malicious email traffic has increased by 30% worldwide, which equates to more than 1.5 million emails per day.

In a recent report by Accenture[2], we note that there has been an increase in cyberattacks in 2021, with an average of 270 attacks per company throughout the year (unauthorized access to data, applications, services, networks, or devices), representing a 31% increase over 2020.

Lumen’s expert says that as cybernetic threats become more common and harder to detect, organizations need more immediate and proactive comprehensive security solutions to protect their critical business data and applications.

Dubois noted that the most common threat is malware, or malicious software, which is installed in the system causing changes to equipment, blocking network access, and enabling appropriation of personal information. An example is Phishing, or identity theft, which seeks to steal sensitive data, usually through emails.

The executive adds to the list interception attacks such as Man-in-the-Middle (MitM), also known as eavesdropping, usually carried out by criminals using a public or insecure WiFi network to secretly access and control devices and steal or capture confidential information.

It is also important to consider denial of service attacks (DDoS), i.e., attacks that are capable of breaching multiple devices and damaging the company’s system by saturating the network to prevent it from concluding processes and requests. Lumen’s latest 1Q22 DDoS report shows that of the 500 largest attacks in the first quarter, 97% targeted the Telecom, Gaming, Software and Technology, Hosting, and Government verticals.

In all cases, says Dubois, companies are vulnerable to cybercriminals who demand ransoms ranging from a few dollars to thousands or millions of dollars to let them recover their information.

For Lumen Technologies’ Regional Security Product Manager for Latin America, IT security is still a pending issue that requires the creation and development of a smart and automated ecosystem to respond to threats immediately, seeking to maintain and ensure operational continuity.

Dubois emphasizes that we need to be continuously alert and one step ahead in terms of cybersecurity measures.

[1] – https://www.interpol.int/es/Noticias-y-acontecimientos/Noticias/2020/Un-informe-de-INTERPOL-muestra-un-aumento-alarmante-de-los-ciberataques-durante-la-epidemia-de-COVID-19
[2] https://www.accenture.com/_acnmedia/PDF-171/Accenture-State-Of-Cybersecurity-2021-V1901.pdf#zoom=40