gdpr

Pandemic, hackers, and corporate protection

Recent smart working habits, ushered in 2020 with the arrival of COVID, have subverted the cyber boundaries of our companies, and what was once a corporate LAN, located in a distinct geographic area and therefore more easily surveilled, is now instead open to all those, employees and contractors alike, who employ corporate devices either to connect remotely to the corporate office or for personal use.

The increase in cyber iterations has thus created more hackable points for skilled hackers who, for example, send e-mail attachments that look secure and come from verified senders, but instead conceal malware, i.e., programs designed to harm the host operating system, undetectable even by up-to-date antivirus software.

In order to corroborate what has just been said, let us add some numbers capable of explaining better than any words how much our safety is in danger.

July 2021: Il Sole 24ore estimates that the advent of smart working has led, since the beginning of the pandemic, to an increase in the number of cyber-attacks up to the percentage of 238%.

The 2022 CLUSIT report, the Italian Association for Information Security, records that cyber-attacks worldwide have increased by 10%. In that ranking, Italy represents the 4th most affected country behind the US, Germany and Colombia.

The three most commonly used types of attacks are as follows:

  1. Malware (use of malicious software)
  2. Targeted data breaches (theft of confidential information using unknown techniques)
  3. Security vulnerabilities real Achilles’ heel on which the first two forms of attack rest.

In 2001, hacker Kevin Mitnick prophesied in one sentence what would happen just twenty years later, "A secure computer is an off computer."

We believe that with the adoption of appropriate tools and specific procedures - human resource training remains a central point of the system - it is possible to have truly adequate security measures.

In addition to classic hardware and software protections, more advanced and synergistically deployable protection tools are now available to companies:

  • VA - Vulnerability Assessment: continuous monitoring and identification of all known vulnerabilities both within the corporate perimeter and on the web, including corporate devices connected with the premises remotely. Vulnerabilities that if not remediated can be easily exploited by criminal hackers (preventive action).
  • SOC - Security Operation Center: continuous monitoring, detection, analysis and management, with related blocking, of all external and internal threats to the company and unauthorized intrusions (proactive action).

We are available to support companies and professionals in choosing advanced software solutions and setting up simple and effective procedures to protect business operations and data, compliant with GDPR.

Contact us for more information: info@clovers.law