'We must take certain cyberhabits that keep our digital identity safe'

José Luis Narbona, specialist in Cybersecurity and Associate Professor of the Area of Telematics Engineering of the Polytechnic School of Universidad de Alcalá, discusses in this interview for uah.esnoticia magazine the most important keys of this area of computer science.

José Luis has taught subjects in the field of Cybersecurity since 2005, as well as in different Master's programmes such as Cybersecurity, 'Blockchain, Smart Contracts and Cryptoeconomics' and Cyberdefense at UAH.

- How important is cybersecurity today to institutions and businesses?

Being aware of the importance of data privacy at all levels today, we should consider cybersecurity as a fully cross-cutting factor in companies and institutions. The risks presented in systems that handle information of all kinds happen day by day, so it is vital to prevent the emergence of risks and vulnerabilities that open the door to cyberattacks that expose the data of our companies and organizations. Beyond reputation, there is the economic and continuity-of-service factor, which can definitively damage a company's business and cause it to disappear.

Globally, there is a booming industry dedicated to cyberattacks that outperform conventional economic crime. The paradigm shift is very simple: from anywhere in the world they can extort, steal or blackmail any company and/or person whose systems are not adequately protected, so it is vital to be aware of what is happening to face this challenge with enough guarantees.

- What is the situation in Spain? Are our businesses protected?

Unfortunately, Spain is well behind other European countries in terms of investment and awareness in the area of cybersecurity. We continue to find a very important aversion to establishing preventive tools that minimize the likelihood of a cyber attack. One of the biggest problems we have is that most companies don't assume that the misnamed "spending" on IT security platforms and services is one of the investments that can bring them the most profitability. Recently, a report on the state of cybersecurity in Spain was published, which gave worrying conclusions for Spanish companies and institutions.

- What consequences can a cyberattack have? What economic consequences can it have?

The most immediate consequence may be the cessation of service, the factor of availability. This can mean that a company stops billing and therefore stops its business.

From here, the consequences that may arise from a security incident and/or security breach in systems may have a relevance that is impossible to determine beforehand. Once a data breach occurs we need to be aware that our zero day of knowledge of the incident does not have to match the real one; that is why we must be cautious and establish the mitigation protocols as soon as possible to achieve an effective response. In Spain, it is still difficult to translate this vision, which is always more efficient and economical.

Mitigating a cyber attack is much more expensive than preventing it, beyond the penalty that the current regulations (RGPD) can impose on the company, which can reach up to 6% of its annual turnover. Reputational cost is always hard to value, but the deterioration of the image that a company involved in a security incident can suffer will never be positive. Trust is a key factor in business and customers need it to continue contributing.

- What recommendations do you give us?

Without needing to be alarmist, we must be aware of what is happening globally. We are faced with a scenario where our data has become the holy grail that companies collect and that cybercriminals try to steal. That is why we must adopt certain cyber-hygiene habits that allow us to keep our digital identity safe. Overexposure of our data on the Internet is not recommended, since this exposure can make us the target of a cyberattack.

It is essential to have a real policy for the management of our passwords and their change, because they are the guarantor of the confidentiality of our data. It is not appropriate to have the same passwords for different services, since the moment one service is exposed all the others become potential victims. It is a question of making things difficult for cybercriminals by acquiring simple common-sense habits and, above all, of having a certain preventive culture to avoid being exposed.

At the training level, it is vital that institutions and companies conduct courses each year so that the weakest link, which is the employees, acquires certain basic knowledge and becomes aware of the importance of promoting these common-sense habits in their workplace. These actions are carried out periodically at the UAH for both PDI and PAS, in which we emphasize different techniques and simple tools that ensure the confidentiality of data both at the workplace and outside the workplace.

- News is continually appearing on the various cyber attacks that have been taking place since the global COVID-19 pandemic was declared. Is the situation being exploited by cybercriminals? What are the most significant incidents in the past three months?

There are two relevant factors that have their origin in the need to stay at home in recent months. On the one hand, teleworking has become mandatory and many companies did not plan for it; this has led to an increase in this type of attack due to lack of planning and the use of obsolete technologies for remote work. Most companies were unprepared and initially had significant security risks in their systems that have in many cases been exploited by cybercriminals. On the other hand, with more time at home, access to online leisure services has grown exponentially. This demand has enabled phishing campaigns associated with the most popular streaming services, with the aim of stealing our credentials as well as our bank details.

The overdemand for information on COVID-19 has been another vector of attack through applications with supposed information about the pandemic. More than 24,000 related domains have been registered since March, of which more than 60% are estimated to have a malicious purpose: to distribute different types of malware that can steal information from our computers. Several campaigns have been reported related to other topical issues related to the pandemic, such as the collection of the ERTES provision through the sending of SMS and e-mails with illicit purposes.

At the institutional level, one of the sectors most affected was health; in this case we can talk about cyber-espionage associated with biomedical and pharmaceutical data and research that cybercriminals intend to exploit and monetize.

In this context, it is vital that citizens and companies have the appropriate training that allows them to continue their activity while minimizing this type of risk, as well as the technical tools necessary to guarantee the confidentiality of their data.