*By Leonardo Silva
With the advent of the COVID-19 pandemic, new health measures were adopted globally, including social distancing. As part of this distancing, many organizations around the world have adopted remote work as a measure of continuing its operations and maintaining the health of its employees.
In Brazil and in the world, remote work was already on the way to becoming a reality, but with the need for hastily distancing, many essential measures were left aside, including the care with information security, which in most companies is not yet a fully developed subject.
One of the great motivators of this scenario is the lack of preparation of the information security teams.
Increased number of cyber attacks during the Covid-19 pandemic
According to Global Information Security Survey 202, a study prepared by the EY company, shows three out of four companies (about 77%) observed a significant increase in the number of cyber attacks suffered in the last 12 months, these being mostly ransomware attacks.
The techniques used by criminals are increasingly sophisticated and specific, with 43% of the survey participants being “more concerned than ever” with their companies' ability to manage these threats.
Security managers who participated in the survey point out that with the advent of the pandemic, some processes were ignored to facilitate distance measures and remote work. In addition to the pandemic factor, 39% of respondents believe that there is no appropriate investment for their organizations to manage the new threats to cybersecurity.
70% of Brazilian companies do not have an area and teams dedicated to information security.
During the first quarter of 2021, there were more than 3.2 billion cyber attack attempts in organizations from all sectors in Brazil, the vast majority being ramsonware attacks and attacks aimed at data hijacking.
The country now leads the ranking of attempted attacks in Latin America. If this extremely worrying scenario were not enough, it was identified in a survey by the company Mastercard that only 30% of Brazilian companies have a dedicated team for information security functions.
With the absence of security-oriented people, processes and technologies, more specific and far-reaching cyber attacks can bring services to a standstill and expose large databases.
Attacks with this profile have been taking place since the beginning of 2021. Adding to this factor, the lack of specialized teams in cyber security, together with the lack of one SOC (Security Operations Center) ready to act in the identification and response to incidents contributes to the incidents being left without the proper response, causing the regression of information security maturity, causing incidents that can compromise the organization, its data and its customers' data.
Conclusion
THE COVID-19 pandemic showed several security weaknesses in organizations. Now that we have remote work as a rule, security controls are increasingly needed. Not only are technological controls indispensable, but also controls for awareness and training of staff and employees become critical in a scenario where a growing number of cyber attacks is increasingly harmful and common.
The adoption of teams specialized in digital security, together with a SOC (Security Operations Center) dedicated and ready to act in the identification and response of incidents are key parts for business operations to remain safe and reliable for everyone in this difficult time in which we live.
— Leonardo Silva is GRC and Information Security Consultant at [SAFEWAY]
THE SAFEWAY is an Information Security company, recognized by its clients for offering high added value solutions, through Information Security projects that fully meet the needs of the business.
During these years of experience, we have proudly accumulated several successful projects that have earned us credibility and prominence in our clients, which constitute in large part the 100 largest companies in Brazil.
Today through more than 23 strategic partnerships with global manufacturers and our SOC, SAFEWAY is considered a one stop shopping with the best technology solutions, processes and people.
SAFEWAY can help your organization through SAFEWAY SECURITY TOWER a complete service chain so that your operations continue to be monitored and protected by a highly specialized team. Our SOC works on a 24×7 basis, with a high-performance technical team and tools to assist your organization in identifying and responding to incidents in a predictive and reactive manner, keeping your business safe and monitored at all times.
Let's make the world a safer place to live and do business!
