Recently it has been said that there are two types of companies: those that have already been victims of cyber-attacks and those that are about to be. Attackers often go undetected for quite some time before the damage is discovered and during that time they can collect information on company processes and methodologies, but also sensitive data from partners and customers.
The main characteristic of a cyber risk action plan is that it provides resilience (the ability to get out of a crisis and return to normal) by operating before, during and after the incident. In addition, the following are key points for effective protection:
- Conduct a risk assessment, identify potential vulnerabilities and address them following a report, verify compliance with international standards for handling banking information.
- Provide continuous training to staff. Technology is constantly advancing, it is important that all staff have training to reduce threats, not just the IT department, as 80% of the risk is attributed to human error.
- Retroactive protection. According to IBM, the average time it takes to discover a cyber breach is 206 days, there are many possible damages in that period, so an insurance policy with retroactive coverage is important in the face of such threats.
- The support of a team of experts. If the necessary support is in place, many times the incident does not escalate to a serious problem, for example, ransomware (data and file hijacking) cases where it has been possible to unlock and recover everything that was breached. This should include computer forensics teams, legal advisors, notifications, call-centres, credit monitoring research, credit freezing and fraud alerts.
In Mexico, the legal framework obliges third parties to report if their information has been compromised in this way, and there are even fines that, although lower than those applied in Europe, amount to 2 or 3 million USD. This is without considering the damage to customer confidence and the company's image.
Because of the health contingency, it seems that the whole world is in a home office, a situation that, however comfortable and beneficial it may be, also creates vulnerabilities in the handling of company information, as each personal computer becomes a potential access point.
We invite you to approach us to find the best option to protect your business against this type of threat.
For more information, please contact us via:
Fidex Contact: +52 (81) 8133 6100contacto@fidex.com.mx