Amidst the massive layoffs at tech companies, one tech profession continues to grow at an unstoppable pace: cybersecurity technicians and managers . And with good reason. The problems keep mounting. Cybersecurity companies are experiencing their golden age. Not even the tech industry crisis seems to affect them. This year, in the midst of this global crisis, they're doing exceptionally well . Digital security is now indispensable. Other software, perhaps, is.
LastPass, one of the most widely used password managers in the world, acknowledged a security breach a few weeks ago. When even the bastions of security are experiencing these problems, we have a serious global issue. Passwords, emails, bank accounts, access to digital wallets, and other data may have fallen into the hands of attackers. LastPass, like other password managers, is the digital version of the traditional notebook. However, this digital version has two advantages: (1) it's cloud-based; (2) the passwords are encrypted (only accessible with a master passphrase, which is now in doubt as to whether they also managed to obtain it). But even this is no longer a guarantee of safety.
It's worth taking stock of our cybersecurity situation from time to time, lest we become complacent. Crime, naturally, has also undergone its own digital transformation. Wherever there's easy money, whether by circumventing the law or not, criminals pursue it relentlessly. Therefore, it was only a matter of time before exploiting the naivety of users when they employ powerful tools like our computers or mobile devices became a threat. It's no surprise that the World Economic Forum has already classified cybersecurity risks as probable and high-impact in the risk matrix it publishes annually. 
A few weeks ago, we also learned that Uber's former head of security had been convicted for covering up a 2016 cyberattack . His name is Joe Sullivan, and he was subsequently fired when it came to light that he had paid a ransom of at least $100,000. The attackers had managed to access a database of 57 million users worldwide. The fact that this had happened was not good news for Uber. But neither was paying the ransom. I believe this case could set a precedent in this field.
For all these reasons, espionage and cybercrimes now represent between 15 and 20% of the value generated in this digital economy. We must take measures, both personal and organizational. We are a country with a very high penetration rate of Information and Communication Technologies. Therefore, our exposure to these risks is greater. And cybercriminals know this. Cybersecurity experts warn of a record number of threats, with critical sectors as the main target. Trend Micro cybersecurity experts have warned of a record increase in threats, with critical sectors—government, banking, and healthcare—as the main targets of criminals. Specifically, they indicate a 42% year-on-year increase in 2021, exceeding 94 billion detected cyberattacks .
Given this scenario, we asked ChatGPT what risks we face. At Brain and Code, we currently have two Cybersecurity Bootcamps running for large companies. And, naturally, we need to stay up-to-date on the main threats. Here's what they told us:
Of course, there are several cybersecurity risks that a company must consider today. Below, I detail the most relevant ones:
- Phishing and malicious emails : Phishing attacks and malicious emails remain one of the biggest threats to cybersecurity. Cybercriminals use these methods to trick company employees into revealing sensitive information such as passwords, usernames, and financial details. To mitigate this risk, it is important that employees are trained to detect and avoid malicious emails and that the company has clear policies on how to handle sensitive information.
- Ransomware : Ransomware is a type of malware that blocks access to a company's systems or files until a ransom is paid. This type of attack can be devastating for a business, as it can result in data loss, business disruption, and reputational damage. To mitigate this risk, it is important to have robust and up-to-date backup systems, as well as clear policies on how to respond to a ransomware attack.
- Brute-force attacks : Brute-force attacks occur when an attacker attempts to guess a password using an automated program that tries different combinations of characters. This type of attack can be effective if the password is weak or if employees reuse passwords across multiple accounts. To mitigate this risk, it is important for the company to have clear policies on creating strong passwords and for employees to change them regularly.
- Malware on mobile devices : Mobile devices such as smartphones and tablets are increasingly common in the workplace, but they are also vulnerable to malware attacks. Employees can download malicious apps or connect to unsecured Wi-Fi networks, which can result in the exposure of sensitive information. To mitigate this risk, it is important to have clear policies regarding the use of mobile devices in the workplace and to provide appropriate mobile security solutions.
- Third-Party Security Breaches : Businesses often work with third parties, such as cloud service providers or software companies, and these third parties can be victims of cyberattacks. If a third party's security is compromised, this can put the company's confidential information at risk. To mitigate this risk, it is important for the company to carefully assess the security of the third parties it works with and have clear policies on how to handle confidential information shared with them.
It's important to remember that security is a constant challenge and that new threats will always emerge. To stay secure, it's crucial for a company to have a comprehensive security approach that includes employee training, the implementation of appropriate security technologies, and ongoing security risk assessment.
And this last point is written by a human again: the most critical link in the security chain is yourself. Get trained in this.
Brain and Code ©
April 1, 2023
28 comments
Thanks for sharing. I read many of your blog posts, cool, your blog is very good. https://www.binance.info/sk/register-person?ref=OMM3XK51
I don’t think the title of your article matches the content lol. Just kidding, mainly because I had some doubts after reading the article.
Thanks for sharing. I read many of your blog posts, cool, your blog is very good.
Thanks for sharing. I read many of your blog posts, cool, your blog is very good.
Your point of view caught my eye and was very interesting. Thanks. I have a question for you.
Thank you for your sharing. I am worried that I lack creative ideas. It is your article that makes me full of hope. Thank you. But, I have a question, can you help me?
Muchas gracias. ?Como puedo iniciar sesion?
Can you be more specific about the content of your article? After reading it, I still have some doubts. Hope you can help me.
Thank you for your sharing. I am worried that I lack creative ideas. It is your article that makes me full of hope. Thank you. But, I have a question, can you help me?
Thank you for your sharing. I am worried that I lack creative ideas. It is your article that makes me full of hope. Thank you. But, I have a question, can you help me?
Thank you for your sharing. I am worried that I lack creative ideas. It is your article that makes me full of hope. Thank you. But, I have a question, can you help me?
Your article helped me a lot, is there any more related content? Thanks!
Your point of view caught my eye and was very interesting. Thanks. I have a question for you.
Thank you for your sharing. I am worried that I lack creative ideas. It is your article that makes me full of hope. Thank you. But, I have a question, can you help me?
I don’t think the title of your article matches the content lol. Just kidding, mainly because I had some doubts after reading the article.
Thanks for sharing. I read many of your blog posts, cool, your blog is very good.