[class #6] Main cyber risks and information security

In this class, Ricardo Paredes, IT manager at Pirani, teaches us the Main Cybersecurity Threats and Trends like Ransomware and how to avoid them, the action plan against a successful ransomware attack, Phishing and how it has catastrophic effects on organizations, and how to make good management about this cyber risks with Pirani.

Main Cybersecurity: Threats and Trends

Ransomware is malicious software or malware that prevents you from accessing your computer files, systems, or networks and demands you pay a ransom for their return. Ransomware attacks can cause costly disruptions to operations and the loss of critical information and data.

How to avoid it?

• Keep operating systems, software, and applications current and up to date. 
• Ensure anti-virus and anti-malware solutions are set to update and run regular scans automatically.
• Back up data regularly and double-check that those backups were completed.
• Secure your backups. Ensure they are not connected to the computers and networks they are backing up.
• Create a continuity plan if your business or organization is the victim of a ransomware attack.

Action Plan against  a success Ransomware Attack

• Check the network
• Shut-down
• Download Network Share
• Remediate Encryption
• Prevent
• Report  to authorities

Phishing

It is a cybercrime in which a target or targets are contacted by email, telephone, or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking, credit card details, and passwords.

How phishing has catastrophic effects on organizations:

• Direct financial losses
• Damage to reputation
• Loss of customers
• Loss of organization value

An organization is only as secure as the people in it.

How to make good management about these cyber risks?

• Information Assets
• Controls
• Action Plans