The world in which we live allows us to constantly interact with new technologies, to facilitate our activities and our lives in general. They are focused on education, industry, telecommunications, online business and others. It is a revolution and a digital age. This has brought many new concepts, it is common to hear words like: teleconference, telework, malware, hacker, virtual platform, virtual banking, cryptocurrencies, ransomware, email, geolocation, artificial intelligence.
This digital world has been evolving for decades, with a focus on greater computing speed and capacity, greater data processing, and faster information transfer. Intelligent machines and systems, with less dependence on human interaction and programming, to have self-learning, take their own actions and decisions.
However, something that we generally do not know or are not aware of, are the risks that we face with the use of these technologies. Cyber threats are everywhere, cybercriminals who want to steal your accounts when you browse the internet, malware that wants to infect your devices, organized crime that wants to hijack information from companies.
All technologies have weaknesses and vulnerabilities, these can be identified and exploited by hackers, cybercriminals or specialized tools. These vulnerabilities, both in people and in technological tools, could trigger a cyber attack or a security breach, which can have serious consequences.
For this and much more, cybersecurity is so important. Without having the necessary knowledge, skills, habits and care; any of us (individuals or companies) could be the victim of a cyber threat or a cyber attack. We can all fall, regardless of the context or scenario in which we find ourselves, using our smartphone, computer, surfing the Internet, using email, virtual banking, remote connections or social networks.
Simply open an unsafe web link within an email, log in to a fake website, open a social media promotion, download and launch a new app from an unsafe source, or open an image of a traffic ticket. . Any of these examples could cause your bank account to be vacated or stolen, which could make a copy of the conversations, photos and videos on your device. That an employee is the victim of social engineering, such as identity theft, and a transfer of funds is made from the accounts of the company that he manages, to unknown destinations. That the critical information of a company is encrypted / encrypted and a large amount of money is demanded in return to recover it (extortion).
Cybersecurity is for everyone, it must be something fundamental, like knowing first aid or knowing what to do and what not to do in case of an emergency.
Cybersecurity training and education should be provided to everyone, so that they don’t go out defenseless in a world rife with scams, threats, and cybercriminals. It is important that they know the fundamentals and principles of security, such as identifying the main threats, knowing good practices, and implementing security measures, such as a periodic secure code review for your site. When you are facing a cyber threat or a hoax, know what to do and what not to do, how to act quickly, and who to contact.
Cybersecurity training and awareness programs must be focused on all people and collaborators. For those who are not so familiar with technology (the majority), basic training should be carried out, with a minimum level of complexity, easy to understand and great learning. For people with experience and who work in IT areas, the training should be more specialized.
The training must be periodic, since the threats are constantly evolving and are becoming more complex. Doing simulations with controlled cyberattacks, such as phishing campaigns directed at the company’s people, it will be possible to identify both the level of risk that the human factor has on people, and the effectiveness of cybersecurity awareness training and awareness programs. . According to some global reports, more than 90% of successful cyberattacks required the intervention of a person.
Trainings should enable people to take good deeds, identify threats and report them properly. We end with the phrase: whoever sweats more in a training field will bleed less on the battlefield.