Cybersecurity: Are companies in Chile protected?

Last year, a bank in Chile was robbed of $10 million. But it wasn’t because of a sophisticated theft of a branch, or multiple attacks on ATMs. The event was caused by an attack on the bank’s terminals and accounts. According to Cooperativa, this was caused by the introduction of the virus (Malware Swapq) that affected some of its systems. In short: they damaged the bank’s networks and IT infrastructure

According to an investigation by Pauta, the theft was planned months ago and was not only because of a virus. In fact, the prestigious Kaspersky Lab, warned that with “multiple attacks with techniques and vectors of hybrid attacks, attackers could steal money directly from the bank’s assets.”

This event marked a before and after scenario about Cybersecurity. Although the Chilean government had already pushed the problem hard. To this end, he convened the Interministerial Committee on Cybersecurity (CICS) in 2015 to design a national Cybersecurity policy. However, due to recent events, in September 2019, the      government signed four supreme decrees to provide institutional cybersecurity to the country.

The urgency lines up with the latest data on these types of threats. According to Symantec’s 2019 Internet Security Threat Report (ISTR), 545,231 ransomware attacks occurred in 157 countries in 2018. Out of these, Chile placed 10th.

Therefore, it is necessary to ask: is company data in Chile protected? At Tecnova, we invite you to answer this question.

Study on Cybersecurity in Chile: Are companies threatened?

In May 2019, the results of the study prepared by Ipsos Chile for Microsoft, called: “Cybersecurity in Chilean companies”, were revealed. The publication aimed to measure the level of knowledge and familiarity that companies in Chile have with Cybersecurity. And it showed interesting results.

According to the study, 4 out of 10 companies have once suffered a cyberattack. “A lot of these caused a temporary loss of files or the removal of online services,” the consultancy told Fayerwayer. Larger and medium-sized companies (54% and 56% respectively) consider data protection treatment and investment necessary for their customers. The reason? 69% of large companies and 56% of medium-size companies believe they are vulnerable to cyber-attacks.

When disintegrating companies based on particular questions, the answers were strong. Asked about the main concerns regarding their computer security, 71% of companies expressed concern about information leakage. In the case of the claim, “a cyber-attack affects the image and corporate reputation of my company,” 68% of respondents agreed. Finally, the third concern of companies is that any attack can affect their operational continuity (67%).

Measures and recommendations: How does Tecnova collaborate?

For the study commissioned by Microsoft Chile, companies have taken steps to reduce cyberattacks. For an instance, 61% of companies purchased and installed security software. Generally, those chosen by companies are antivirus (92%) and Firewall (81%). This trend usually occurs in large and medium-sized companies. And, for the moment, there is the impression that increased investment would not go into hiring more staff.

According to Ipsos, only 38% of companies claim to have “enough people to manage these types of risks” by consulting companies that did and those that did not attack. This is important if it is considered that, according to figures from the Ministry of the Interior, there were 497 cyberattacks in 2018. Of these, 72% of the total went to public institutions, while the remaining 22.8% went private.

Due to these facts, Corporateit met some of Microsoft Chile’s recommendations. These include preventive controls, using cloud support, network access controls, acquiring cyber and “hygiene education,” using free software, backing up personal data, and first and foremost recommending “staying vigilance,” so that personal information that is transmitted goes through secure channels.

In this scenario, there are already companies committed to the cybersecurity challenge. In the case of Tecnova, the service in this area is directed towards the detection and mitigation of the security risks that web applications are exposed. The company is even Owasp certified (Open Web Application Security Project) and ISO 27001 and its static and dynamic inspection services, and ethical hacking collaborate with its customers to prevent possible attacks.