Good practices in cybersecurity are necessary for companies and users based on the evolution of crimes committed through the network. The VII Report on Cybercrime by the Spain Secretary of State for Security, confirms a 35% increase in the number of cybercrimes in 2019, exceeding the 218,300 known facts. According to statistics, one in ten crimes was committed using the network. As a curiosity, the report points out that 88% of crimes corresponded to computer fraud (scams) and almost 6% to threats and coercion.
The emergence of teleworking in homes, as a result of the confinement by the coronavirus, has increased since March the volume of cybersecurity attacks and the need to implement good practices.
Some of them came up at the online discussion panel “:Is your company Cybersecure?”, organized by Comunitat Valenciana Digital District, on June 15.
In the webinar Joaquín Molina, better known as Kinomakino, Senior Advisor of Cybersecurity at Verne Group; Javier Jarauta, head of Strategic Demand Generation of SIA, Indra’s cybersecurity company; and Carmen Serrano, head of the Security Service and director of the ICT Security Center of the Region of Valencia, CSIRT-CV, provided some keys. The debate was moderated by Virginia Tovar, co-founder of the BitUp Alicante Cybersecurity Platform.
Cybersecurity recommendations
These are some of the best cybersecurity practices that the experts form the online discussion recommend to increase online security for companies:
- Be aware of the risks and that, regardless of the size or sector of the company, we are exposed because sooner or later an attack will occur.
- Start with a triage that allows us to know the degree of maturity of cybersecurity in accordance with existing regulations, risks to which we are exposed, and action plan.
- Make continuous evaluation. Prepare reports and proposals for improvement.
- Security must be brought to people. It is necessary to prepare employees for good cybersecurity practices, especially now that we are using devices from home.
- If tools are implemented, they must be managed by experts.
- Not having a short-term vision of Cybersecurity.
- Review basic questions such as passwords: do not use the same one for everything and make sure they are all very secure.