Cyber security has been on everyone’s lips for a few years, mainly due to two very prominent facts. The first was the entry into force of the new General Data Protection Regulation, and the second was the massive involvement of Wannacry. Both facts put on the table issues that, although they were not unknown, were very obviated by most companies, especially SMEs, such as exposure to risk and responsibility in case of damage caused by the lack of countermeasures.
Big companies, in most cases, had been investing in cybersecurity for years, perhaps driven by a market increasingly oriented towards electronic commerce, or by their relationships with third parties, as suppliers or customers. In addition, they have the financial muscle that allows them to invest in technologies that generate confidence and a sense of protection. A good implementation of a cybersecurity framework, can carry out the addresses of our companies to think that attacks are not really happening and the company is not really at risk.
So … Should my company start evolving its cybersecurity systems?
Strongly yes. All companies, regardless of their size, must evolve their security systems, and in addition, they must establish guidelines to review these systems with a certain frequency.
The cyber risk ecosystem has changed, while before the attacks were directed at companies with some interest, today they are launched massively, with no specific objective. While it is true that the hacker behind an attack is less professional, the economic reward he receives makes many more. All companies, even the smallest manufacturing companies are connected to the internet, and all use some computerized management or production system capable of paralyzing their businesses to some degree.
Now, you have to demystify some things and lay the foundations for cybersecurity action:
“Security is everyone’s business”