Riesgo cibernético: las personas somos el eslabón más débil
[vc_row][vc_column][vc_column_text]
Hace poco leí un artículo de Esteve Culp y Chris Thomson, director general del departamento de Riesgo Cibernético de Accenture y Forbes.com, donde nos reafirman que la mayor dificultad a la que se enfrentan las empresas no son los virus, el spam, el malware, ni los posibles agujeros de seguridad que presentan los sistemas informáticos, sino los propios usuarios o clientes y empleados de las empresas, los cuales, mediante acciones inconscientes o deliberadas, acarrean a las empresas los mayores riesgos de seguridad. La figura del «Risk Management» es cada día más importante en la organización de las grandes corporaciones.
Riesgo Cibernético: Nosotros somos el eslabón más débil de la cadena de seguridad
El riesgo cibernético de la ciberdelincuencia ha dado lugar a un notable aumento del interés respecto a la ciberseguridad, de modo que algunas organizaciones, destinan miles de millones de euros a su protección frente al conjunto de amenazas actuales y potenciales futuras en constante evolución. Muchas realizan considerables inversiones en supervisión, vigilancia y software, sin embargo, con frecuencia descuidan el riesgo de exposición generado por sus propios empleados y, en esta era digital, por sus clientes.
Al igual que los ladrones de bancos en el pasado, los ciberdelincuentes tienen como objetivo «los lugares en los que se encuentra el dinero» y eso significa, a menudo, bancos e instituciones financieras. Tras muchas décadas de experiencia para protegerse frente a la delincuencia, los bancos y aseguradoras suelen contar con defensas de seguridad físicas y técnicas razonablemente sólidas. No obstante, el concepto de divisa ha cambiado, y ahora en lugar de intentar llevarse billetes y monedas, los ciberdelincuentes quieren robar información valiosa.
Los ciberdelincuentes están dispuestos a tomar medidas desesperadas para obtener información de las empresas. Por ejemplo, se han infiltrado en bancos a través de empleados en las entidades financieras, fundamentalmente mediante agentes encubiertos, que pueden robar datos sensibles y realizar operaciones fraudulentas. En muchos casos, incluso empleados de confianza durante muchos años pueden conllevar riesgos.
El riesgo cibernético se encuentra dentro y fuera de las empresas.
Los proveedores son otro punto de potencial vulnerabilidad. La mayoría de empresas multinacionales, pueden disponer de defensas cibernéticas sólidas, pero también dependen de terceros, con frecuencia a los que confían datos confidenciales relativos a compras y operaciones, pero pueden no contar con los mismos niveles de seguridad que las entidades cliente para las que prestan el servicio.
Los ciberdelincuentes se centran en los puntos más débiles de las defensas de las empresas y eso suele significar, ir a por los clientes. Las cuentas bancarias suelen convertirse en parte de la “huella tecnológica” de los clientes, cuya información se almacena en los ordenadores domésticos y dispositivos móviles.
Los clientes y empleados son a menudo el foco de los ataques de ciberdelincuentes.
Los ciberataques intentan romper la seguridad de los datos de muy distintas formas, entre otras mediante la instalación de programas informáticos malintencionados, correos electrónicos en los que se suplanta la identidad, o para comprometer la seguridad de los datos de los clientes utilizar instalaciones Wi-Fi no seguras en restaurantes, aeropuertos, transporte público. Se sabe que los ladrones, incluso han creado cuentas falsas para dirigir el tráfico donde quieran.
Uno de los grandes problemas para el negocio empresarial, es que hay muchas personas y departamentos responsables de la gestión de los distintos riesgos relacionados con la ciberseguridad. En una era en la que los ciberdelincuentes pueden producir enormes daños, existen razones de peso para alinear o integrar distintas funciones, tales como prevención de fraudes, seguridad de las TI y cumplimiento en un grupo más coherente, posiblemente con un director corporativo de riesgos cibernéticos que supervise todas las medidas de seguridad digital.
En años de experiencia TIC, hemos identificado varios factores clave que deben abordarse con el departamento de seguridad de las TIC al enfrentarse a la amenaza de la ciberdelincuencia:
Formación y cultura del riesgo:
Las empresas varían enormemente en lo que respecta a su cultura de riesgo cibernético. Algunas han crecido a través de fusiones y adquisiciones y se han convertido en organizaciones fragmentadas con culturas dispares. Otras son mucho más homogéneas. Otras, gestionan a sus empleados con dureza pero prometen recompensas extraordinarias. Cada organización tiene que identificar sus propios estilos de aprendizaje y poner en práctica las iniciativas adecuadas, entre otras, métodos de aprendizaje avanzados a través de juegos o simulaciones, por ejemplo para implantar conductas cibernéticas correctas.
El control es la clave de la Seguridad y la Privacidad:
Cada escenario de riesgo cibernético debe descomponerse en pasos o acciones que los delincuentes deben ejecutar si quieren tener éxito. Desde la suplantación de la identidad pasando por la instalación de programas maliciosos, a obtener acceso, controlar una cuenta, ejecutar operaciones fraudulentas, etc., cada uno de estos pasos son riesgos o problemas que exigen varios controles sólidos. No existe sustituto para esta evaluación de riesgos y deben implantar un marco de control de gestión con un asesoramiento y prueba robustos.
Evaluar con un propósito:
Las organizaciones deben contar con métodos para identificar y hacer un seguimiento de la conducta de sus empleados que pueda indicar que se está produciendo un ciberdelito, bien por parte de un empleado o como consecuencia de que se adueñen de una cuenta a través de un programa informático malicioso o un troyano.
Los análisis pueden servir para detectar actividades, tales como que los empleados están trabajando fuera de la jornada laboral, empleados con bajo rendimiento que tengan acceso a datos de clientes o la descarga de archivos excepcionalmente grandes, que están estrechamente relacionados con la mala conducta o delincuencia.
Establecer un modelo operativo de seguridad y privacidad:
La ciberseguridad debe funcionar bien en todas la organizaciones. El modelo operativo correcto, conecta los departamentos de TI, negocio, fraude y riesgos. Esto puede contribuir a definir la responsabilidad, imponer la correcta toma de decisiones y medición de la efectividad. Las organizaciones pueden elegir entre varios modelos operativos, como la creación de un puesto de «Rey cibernético» que establezca la política y actividades de influencia o la creación de un responsable de riesgos cibernéticos en toda la empresa que identifique, evalúe y responda a las amenazas.
Aprender de los ataques cibernéticos y otras amenazas:
A pesar de los mayores esfuerzos de las organizaciónes, las cosas pueden salir mal y saldrán mal en muchos casos. Un plan integral de resiliencia, que incluya elementos como respuesta a los eventos, comunicaciones, gestión de crisis, detección, identificación de amenazas y supervisión operativa. Así como la elaboración de análisis «post morten» para identificar la causa, definir la solución y las acciones requeridas para que el fallo de seguridad no vuelva a reproducirse, pueden contribuir a reducir al mínimo las pérdidas y a proteger la reputación de las empresas en caso de un ciberataque exitoso.
La revolución digital ha facilitado el trabajo conjunto de las empresas y sus clientes, pero el comercio digital ha creado muchos nuevos puntos de entrada para ciberdelincuentes potenciales. Un planteamiento integral y organizado de la formación y comunicación, con personas encargadas de la supervisión, puede ayudar a las empresas de servicios a limitar su exposición al fraude cometido tanto fuera como dentro de la misma.
Imágenes: Blue Coat Photos[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][templatera id=»1404″][/vc_column][/vc_row]
Thanks in support of sharing such a good opinion, paragraph is fastidious, thats why i have read it completely
What’s up to all, how is all, I think every one is getting more from this web site, and your views
are fastidious designed for new viewers.
Magnificent beat ! I wish to apprentice while you amend your site, how could i subscribe for a blog site?
The account aided me a acceptable deal. I had
been tiny bit acquainted of this your broadcast provided bright clear
concept
Also visit my blog post; Divine Dynamic Keto
You actually make it seem so easy with your presentation but I find this topic to be actually something
which I think I would never understand. It seems too complex and very broad for me.
I’m looking forward for your next post, I’ll try to get the hang of it!
Feel free to visit my website … Essential Nutrition Performance Enhancer
You’re so interesting! I do not think I’ve read through a single thing like that before.
So great to discover another person with a few original thoughts on this subject
matter. Really.. many thanks for starting this up. This website is something that’s needed
on the internet, someone with a little originality!
What i don’t realize is in fact how you are no longer really
a lot more neatly-favored than you might be now. You are so intelligent.
You know therefore significantly with regards to this matter,
produced me personally consider it from numerous varied angles.
Its like women and men aren’t fascinated unless it’s one thing to do with Lady
gaga! Your own stuffs nice. Always take care of it up!
Hello, you used to write magnificent, but the last several posts have been kinda boring?
I miss your super writings. Past several posts are just a little out of track!
come on!
my homepage; http://usedtiresbrowardcounty.com
It’s awesome to pay a visit this web page and reading the views of all mates regarding
this article, while I am also eager of getting familiarity.
Have a look at my homepage http://learn.medicaidalaska.com/UserProfile/tabid/42/UserID/5353208/Default.aspx
wonderful issues altogether, you just received a new reader.
What could you recommend about your put up that you simply made some days ago?
Any sure?
Also visit my web site … Blast Portable AC
Wow that was strange. I just wrote an incredibly long
comment but after I clicked submit my comment didn’t show up.
Grrrr… well I’m not writing all that over again. Anyhow,
just wanted to say excellent blog!
Also visit my website: mpc-install.com
Howdy, I think your blog may be having web browser compatibility problems.
When I look at your blog in Safari, it looks fine however when opening in Internet Explorer, it’s got some overlapping issues.
I merely wanted to give you a quick heads up! Aside from that, excellent site!
Pretty! This was an extremely wonderful post. Thank you for providing this information.
my website :: https://mpc-install.com/punbb-1.4.6/viewtopic.php?id=536327
Howdy, i read your blog from time to time and i own a similar one and i was just wondering
if you get a lot of spam feedback? If so how do you protect against
it, any plugin or anything you can recommend? I get so much lately it’s
driving me mad so any assistance is very much appreciated.
This is a great tip particularly to those fresh to the
blogosphere. Short but very precise information? Thank you for sharing this one.
A must read article!
Also visit my website :: http://frun-test.sakura.ne.jp/
As I web-site possessor I believe the content material here is rattling
great , appreciate it for your efforts. You should keep it up forever!
Best of luck.
my page … clubriders.men
I am in fact delighted to read this website posts which
carries lots of helpful information, thanks for providing these kinds
of information.
Check out my website; Boltz Pro Charger
Wonderful paintings! This is the kind of info that should
be shared around the net. Disgrace on the seek engines for no
longer positioning this put up upper! Come on over
and visit my site . Thanks =)
Also visit my webpage: MetaboFix Reviews
Hmm it seems like your site ate my first comment (it was extremely long)
so I guess I’ll just sum it up what I wrote and say,
I’m thoroughly enjoying your blog. I as well am an aspiring
blog writer but I’m still new to everything. Do you have any
helpful hints for inexperienced blog writers? I’d certainly appreciate it.
If you want to obtain a great deal from this article then you have
to apply these techniques to your won weblog.
My wife and i have been cheerful that Emmanuel could finish up his inquiry with the precious recommendations he received
out of the weblog. It’s not at all simplistic just to always be making
a gift of thoughts that many many others have been selling.
And we also do understand we now have you to be grateful to for this.
Those illustrations you have made, the easy web site menu, the relationships you aid to promote – it’s got everything great, and it’s really helping our son and our
family feel that this idea is exciting, which is certainly
tremendously fundamental. Thank you for the whole
thing!
Feel free to surf to my homepage – MetaboFix Ingredients
Ꭺs the admin of this website is working, no uncertainty very soon it
will be renowned, duue to its feature contents.
Also visit my site;Kunjungi website
I am sure this piece of writing has touched all the internet viewers, its really really good
piece of writing on building up new blog.
This is a really good tip especially to those new to the blogosphere.
Simple but very accurate info… Thank you for sharing this one.
A must read post!
Gracias por tu aporte. Un cordial saludo.
In fact when someone doesn’t be aware of after that its up to other viewers that
they will assist, so here it occurs.
Thank you a lot for sharing this with all of us you
really recognize what you’re talking about! Bookmarked.
Kindly additionally visit my web site =). We will have
a hyperlink exchange arrangement between us
Very nice post. I just stumbled upon your blog and wanted
to mention that I have truly loved surfing around your blog posts.
After all I’ll be subscribing to your feed and I’m hoping you write once more soon!
My spouse and I stumbled over here coming from a different page and thought I might check
things out. I like what I see so i am just following you.
Look forward to checking out your web page again.
Way cool! Some extremely valid points! I appreciate
you penning this article plus the rest of the
site is extremely good.
I’m extremely inspired along with your writing abilities as well as with the layout for your weblog.
Is this a paid theme or did you modify it yourself? Either way
stay up the nice high quality writing, it’s rare to
see a great weblog like this one these days..
Hi there i am kavin, its my first occasion to commenting anywhere, when i read this post
i thought i could also make comment due to this sensible paragraph.
It’s remarkable in favor of me to have a site, which is
valuable in favor of my experience. thanks admin
I know this website provides quality dependent posts and extra material, is there any
other website which offers these information in quality?
I visited multiple blogs however the audio quality for audio
songs existing at this web page is in fact excellent.
scoliosis
This is very interesting, You are a very skilled blogger.
I have joined your rss feed and look forward to seeking more
of your great post. Also, I’ve shared your web site in my social networks!
scoliosis
free dating sites
I’ve been browsing online more than three hours today, yet I never found any
interesting article like yours. It’s pretty worth enough for me.
Personally, if all site owners and bloggers made good content as you did, the
internet will be much more useful than ever before.
free dating sites
I am really inspired along with your writing abilities and also
with the structure to your weblog. Is this a paid theme or did you modify it yourself?
Either way keep up the nice quality writing, it is rare to
look a nice weblog like this one these days..
I would like to thank you for the efforts you have put in penning this blog.
I am hoping to view the same high-grade content by you
later on as well. In fact, your creative writing abilities has inspired me to
get my own, personal blog now 😉
Wow, marvelous weblog format! How long have you ever been blogging for?
you made blogging glance easy. The whole glance of your website is wonderful, as smartly as the content material!
Do you have a spam issue on this blog; I also am a blogger, and I was curious about your situation; many of us have developed some nice methods
and we are looking to trade strategies with other folks, be sure to shoot me an email if interested.
Someone essentially help to make severely articles I’d state.
This is the first time I frequented your web page and so far?
I amazed with the analysis you made to make this
particular submit extraordinary. Excellent task!
Have you ever thought about adding a little bit more than just your articles?
I mean, what you say is valuable and everything.
But think of if you added some great photos or videos
to give your posts more, «pop»! Your content is excellent but with images and clips,
this website could undeniably be one of the greatest in its field.
Amazing blog!
Very nice post. I just stumbled upon your weblog and wanted to say that I’ve
really enjoyed surfing around your blog posts. After all I will be subscribing to your feed and I hope you
write again soon!
It’s very simple to find out any topic on web as compared to textbooks, as I
found this article at this site.
Hey! I just wanted to ask if you ever have any issues with hackers?
My last blog (wordpress) was hacked and I
ended up losing months of hard work due to no back up. Do you have any
methods to protect against hackers?
Whats up very cool web site!! Man .. Excellent ..
Wonderful .. I will bookmark your blog and take the feeds additionally?
I am happy to search out so many helpful
information right here in the submit, we’d like work out extra strategies on this regard,
thanks for sharing. . . . . . asmr 0mniartist
May I just say what a relief to uncover somebody that truly understands what they’re discussing on the web.
You actually know how to bring an issue to light and make it important.
More and more people have to check this out and understand this side of your story.
I was surprised that you aren’t more popular given that you definitely have
the gift. asmr 0mniartist
Excellent blog right here! Also your website rather a lot up fast!
What host are you using? Can I am getting your associate link to your host?
I want my website loaded up as quickly as yours lol 0mniartist asmr