In recent times, the massive use of the Internet has caused cyberattacks have increased by 26% in 2021 in Spainwhich makes our country the third most attacked in Europe.
Cybersecurity is not a practice that is usually carried out in small companies, but due to the opportunity provided by the Digital Kit to implement it, some small companies and micro-businesses have taken advantage of it to protect themselves.
However, the result of the study carried out by Gowtech in 2022 has been a resounding suspense (the companies analyzed get an average of 3 in terms of cybersecurity measures), expressing a clear need for SMEs to implement improvements in security.
In this sense, and according to the National Institute of Cybersecurity (INCIBE), the most frequent security incidents are fraud and identity theft, which affect both individuals and companies. In fact, 94% of Spanish companies acknowledges having suffered a cybersecurity incident in 2022 and that is that cybercriminals attack its servers and platforms in search of relevant information that provides them with economic benefits.
In an x-ray of the cybersecurity of Spanish companies, Isidoro López-Briones Santos, head of digital technology strategies at the technology company, points out that “When we work with companies, it is usual to find an environment that reaches a risk of 70% before applying cybersecurity measures”.
For this expert, companies usually have systems with some Trojan horse, weak or non-existent passwords, pending updates corresponding to security patches, computers without antivirus, dubious legitimacy software, systems with poor network configuration, and on servers when the they have, computers that act as servers without any type of policies and resources and folders at risk for being poorly shared.
Loss of data due to computer attacksphysical disasters or simple human errors suppose loss of between 2,000 and 50,000 euros for SMEs, according to INCIBE figures. Figures that contrast with the fact that 99.8% of the Spanish business fabric still does not invest in cybersecurityas extracted from the ‘Current panorama of cybersecurity in Spain’ prepared by Google.
For Gowtech, he highlights that “It is beginning to be seen that the trend is changing since “41% of SMEs with more than 10 employees consider that they have to invest in protecting themselves against cyberattacks”.
Gowtech experts point out that there are some basics that workers must know so that Spanish companies are safe:
1. Basic training of employees in cybersecurity matters
The first barrier for the attack does not affect the system is the own employee or user. Workers must be informed and trained not to open anything that could be a danger to the company, many times these cyberattacks arrive through emails with attachments (phishing).
2. Bet on the protection of accounts
The worker must use secure passwords, which are not repeated between accounts and in no case reuse passwords in personal and work accounts, as well as not share them with anyone and use two-step verification as much as possible.
3. Be careful who enters our systems
Must be control access to the devices we use, ensuring that nobody accesses without permission, especially with company laptops that are removed from the offices or used by other people in our environment. Another important action is not to use external memories if you are not fully sure that it is trustworthy.
4. Bet on anti-malware protection
Viruses mutate to become increasingly dangerous and no company is exempt from them. That is why we must use up-to-date software and applications on all corporate computers and devices, including mobile devices and external storage media.
5. Business continuity
It is necessary protect the main processes of business through a set of tasks that allow the organization to recover after a serious incident in a period of time that does not compromise its continuity. In this way it is guaranteed to be able to give a planned response to any security breach.
GOWtech offers a free report, since cybersecurity is the responsibility of everyone who makes up the company. “You can ask us without obligation to review the computer system and thus have a better understanding of the risk you are running”maintains López-Briones.
