Beyond mere technology, cybersecurity has become – and rightly – a strategic priority for large companies. Digitization has changed the modus operandi of many criminals, which for a long time focus their efforts on besieging these types of companies through cyber attacks. Threats multiply because the methods used by criminals are increasingly sophisticated and harmful, and corporations are aware of the risks to which they are exposed. In general, larger organizations are better prepared than SMEs. The problem is that they are also more exposed to malefactors, which forces them to invest more resources to detect, block and mitigate these aggressions. «The proliferation of IoT devices [internet de las cosas] That they are not managed correctly or migration to cloud environments, together with poor vulnerabilities management and poor network segmentation, makes criminals have a wide range of possibilities when it comes to attacking a company, ”says Josep Albors, responsible for investigation and awareness of Eset Spain.
Precious data
Today, most attacks are related to the theft of information, especially credentials such as passwords and personal data. When accessing this type of documentation, computer pirates manage to enter corporate environments and, once inside, can develop the following phases of their offensive, which can lead to, for example, in the theft and encryption of confidential information. It is then that they blackmail the company that have attacked with the payment of a high amount of money in exchange for not making this stolen data public. In parallel, Albors continues, the cybercounts «may have encrypted several systems of the organization», which can cause the company to continue with its activity, with the consequent and important economic and reputational losses that this supposes. Despite that not all companies are prepared to face a cybergression, it is true that those of greater volume do have sufficient capacity and means to face a situation of danger such as a situation of danger such as a situation of danger. It is an onslaught of these characteristics. After all, the business survival itself is in it. «The problem comes when massive conditions are detected. Then the recovery and response must be made in a coordinated manner, so the public-private collaboration is essential,» says the head of cybersecurity of NTT Data, Miguel Ángel Thomas. In these cases, the evolution of defense systems is essential to maintain the level of resilience of these corporations.
Managers in Diana
It is no accident that some of the most attacked areas are financial and all those related to the activity of the CEO, areas where economic items are directly managed. The normal thing is that the aggressors try to deceive through phishing attacks aimed at the senior management of the company or people of their trust. «Another of the most threatened departments is that of innovation, where the intellectual property of the company and its industrial secrets is usually found,» recalls Thomas. More information and as cybercriminals are aware that it is increasingly complicated to assault the great organizations, because the security measures they implement are robust, in many occasions going to place the target on external collaborators who participate in the development of their activity throughout the entire digital chain.
The weakest link
Although the attacks are increasingly sophisticated, largely due to the use of artificial intelligence (AI), email is still maintained as the favorite access door of criminals. The little preparation of users, added to the lack of safety tools causes the E-mail input tray to be a hole where much of the threats are sneaked. Experts agree that people are today the weakest link in the chain. The solution goes through awareness and preparation. «You have to train the template in terms of security, these courses must be refresh every so often and test people to see if they have impregnated that knowledge. These steps prevent many problems in the future,» affects the co -founder and CEO of Barbara IoT, David Purón. This start-up specialized in the development of industrial software has patented a computer program that helps its clients manage the security of the internet devices of things. «The question is not whether they are going to hack you or not; it is when it will happen, because it will ever happen in life, especially in a company,» says this engineer. After employees, the second most vulnerable point of organizations has to do with the outdating of their operating systems. For Purón it is essential to have an incident response plan, and activate it when the time comes. The first step is to contain the attack. Next, you must communicate to all the parties involved: workers, authorities, regulator, security forces … and finally, recover the systems and evaluate the impact.
A sector that grows double digit
The cybersecurity market will move around 213,000 million dollars this year, according to the analysts of the Gartner consultant. The figure will reach 240,000 million in 2026. Higher defense budgets, increased threats, growing regulatory pressure and better awareness within companies will maintain a high level of spending in the medium and long term, experts argue. In Spain, this industry stood at 2.5 billion euros in 2024, with a growth of 14% compared to the previous year. More huge are the cybercrime numbers – between nine and ten billion dollars – which represents 1.5% of the world GDP. «We are facing a curious paradigm: cybersecurity advances fast, but cybercrime is even faster,» says David Purón.