In a world where cyberattacks represent an ever-growing global threat due to technological advances and growing reliance on the internet, the Cyberthreat Defense 2023 report reveals that 84.7% of companies worldwide have suffered at least one successful cyberattack last year, which shows a constant increase in. phishing and ransomware attacks.
Two recent incidents highlight the seriousness of these threats. One of them happened on September 10, when MGM Resorts, a consortium dedicated to entertainment and hospitality, fell victim to a cyberattack that resulted in the disruption of operations at a dozen of its hotels and casinos in Las Vegas. This incident caused a loss of revenue estimated at least $100 million. In addition, customers were affected by not being able to use the mobile app or digital key card to make purchases, access services such as ATMs and casino machines, and experiencing unavailability of room cards. All of these issues have a negative impact on the company’s reputation and raise concerns about the security of its customers’ data.
Similarly, on September 12, the telecommunications company IFX Networks became the victim of a ransomware cyberattack that affected more than 60 government and private entities in Colombia, Chile and Panama, affecting their systems and sensitive data, representing of expenses.
In this context, Alestra, a leading company in ICT services for the business and government market and an expert in strengthening the cybersecurity of organizations, emphasizes the urgent need to take proactive measures to protect digital assets and data privacy, Therefore, they recommend that companies strengthen certain controls through protective measures:
- Strengthen identity and logical access management to ensure that only authorized people have access to sensitive systems and data.
- Maintain a rigorous vulnerability management process, apply security updates and patches in a timely manner and ensure secure configuration protocols.
- Implement appropriate network segmentation to limit lateral movement of threats and protect critical assets.
- In the case of older infrastructure, consider integrating compensatory controls, such as patch virtualization, to mitigate risks.
- Improve security monitoring and alerting correlation capabilities to detect threats earlier and more accurately.
- Develop and maintain a business continuity plan (BCP), disaster recovery plan (DRP), effective risk management, and robust incident and crisis response capabilities.
- Regularly perform backup integrity validation and recovery testing to ensure the availability of critical data in the event of an incident.
- Having the support of a Cyber Defense Center improves productivity and accuracy by reducing cyber vulnerabilities by using advanced technologies to comprehensively assess and respond to environmental threats.
The cybersecurity culture must involve the entire organization to develop joint actions between different responsible areas with the aim of maintaining the greatest protection of companies of any size and sector from a preventive perspective, to minimize the risks of attacks.
In companies specialized in cyber defense, such as Alestra, architectures tailored to clients are developed, through advice and a wide portfolio of intelligent solutions that strengthen the protection of companies and guarantee a secure digital environment.