Five ways to combat a cyberattack quickly


The figures collide head-on and paint an unpleasant picture. While companies in Brazil are subject to an average of 28 cyber attacks per year, 32% of company executives in the country believe their organizations are ill-prepared to deal with them. Things look even more sinister when you consider that criminals evolve their techniques every day and become even more dangerous.


“These incursions evolve faster every day, based on an increasing sophistication of cybercrime techniques. It becomes difficult to respond in an agile way to all possible scenarios,” points out Gabriel Moskovicz, director of data solutions for corporations at Elastic in Latin America. The figures presented by the developer of search-based solutions describe a risky scenario, but one that can also serve as a trigger for defense and mitigation, with five measures that can accelerate the process.

More security strategy and management

Talking about the adoption of threat intelligence systems, governance measures, prioritization of connected devices and known vulnerabilities, as well as the application of zero trust and verification elements, can seem like stating the obvious. Organizations that have not yet adopted such practices are at great risk, while those that have already applied them are now in a phase of evolution, with improvement of the installed base becoming the focus of investment in digital protection.

According to the Elastic executive, evolution is the investment trend for the next two years. Among the new measures are the optimization of management policies, the creation of post-incident recovery plans and the running of tests of the organization’s resilience. Maturity, Moskovicz points out, is the watchword for charting a route towards more strategic responses.

Backups must be a priority

One of the most traditional elements of technology, needed by everyone from end users to large corporations, remains one of the main means of recovery in the event of a cyberattack. As ransomware escalates, having a robust backup policy, as well as protecting the systems responsible for it, minimizes data loss and ensures a more agile return to operations.

Keeping systems separate from network connections that could allow malware to spread is a staple, while investing in maintenance and testing of recovery systems helps take this strategy further. It is, moreover, a basic element that is often neglected; according to Elastic, ransomware is the third biggest concern for technology executives, behind human error and phishing, yet only a third of organizations prioritize investment in this type of asset.

Communication plans

This measure follows the first on the list, but is focused on the non-technological outcomes of a cyber incident. Restoring systems and ensuring that data is not lost is one step; regaining the trust of affected customers is another, much more difficult one, and 32% of companies in Brazil think so, according to a survey by Elastic.

“More commonly, organizations focus more on the technical aspects of cybersecurity and less on the need to have a crisis communication plan,” says Moskovicz. In his view, teams need to be prepared in advance to deal with official announcements and to control the flow of information in the event of data leaks, for example, in addition to outlining hypothetical scenarios whose plans can be put into practice if they become real.

Keeping an eye on everything

With the adoption of cloud computing systems, Internet of Things devices and different endpoints connected to corporate systems, what experts call the attack surface keeps expanding. Basically, these additions increase the entry opportunities for criminals, across different systems and platforms that don’t always talk to each other but that need to be protected in order to avoid cyber attacks.

“As IT environments grow, organizations need to update their security controls”, points out the executive. “We recommend investing in security information and event management (SIEM), identity and access controls (IAM) technologies, and solutions that provide continuous monitoring.”

Automation for surveillance

Again, we have a measure that goes hand in hand with the previous one. Keeping systems always protected and connected is a herculean task that can benefit from artificial intelligence and machine learning technology. Such innovations learn from attack vectors, can recognize entry points and also flag elements that need more human attention so that they do not become a risk.

It doesn’t help that the sophistication of cyberattacks makes them increasingly difficult to detect. On the other hand, we again have a mismatch in the data, with only 16% of Brazilian companies claiming to use this type of advanced analysis to protect their business.

“In addition to the ability to detect threats imperceptible to the human eye, this type of solution also helps to automate the resolution of security incidents,” concludes Moskovicz. Thus, he points out, it increases the level of data protection and the efficiency of that defense, while analysts can focus on what really matters, with a smaller workload.