Please wait, authorizing ...

Don't have an account? Register here today.


Employee errors, one of the main causes of cyberattacks on organizations


Latin America. Digitization and remote work have exponentially increased the risk due to the use of insecure connections, the use of personal devices and the disappearance of the perimeter. Now cyberattacks are increasingly aggressive, numerous, sophisticated, specific and targeted at employees, which is causing greater financial, social or reputational damage.

The challenge for Latin American organizations is not only the training of their workers to provide them with the necessary knowledge to prevent cyberattacks, but also to implement advanced security systems that intervene before employees have to make a decision.

According to the report "The Global Risks Report 2022", prepared by the World Economic Forum (WEF), 95% of cybersecurity problems have their origin in human error. Likewise, the WEF stated that 43% of cybersecurity incidents produced in companies have their origin in internal threats, intentional or accidental.

Oswaldo Palacios, Senior Account Executive for Guardicore (now part of Akamai), mentioned that employees continue to be a weak point for organizations and not because they consciously want it but that remote work has opened a door to cyber threats that were not previously considered or contemplated because computers did not leave companies. "There are several risk factors in IT operations, from the processes of access, protection and availability of information, to the correct execution of them but almost always cyberattacks are based on social engineering, that is, taking advantage of the naivety of the user", he added.

- Publicidad -

The Labor Outlook Report 2021 Latin America and the Caribbean prepared by the International Labor Organization (ILO) highlighted the low levels of adoption of digital technologies in the vast majority of small and medium-sized enterprises (SMEs) in the region associated, among other factors, with the lack of basic technological absorption skills (human resources, managerial and organizational skills) and investments in complementary assets that allow taking advantage of new technologies. Additionally, this research also highlighted that SMEs face, in relative terms, high risks in terms of security and privacy due to the lack of information, resources and expertise in the field.

According to the Guardicore expert, traditional perimeter firewalls designed for north-south traffic cannot deliver the control and performance needed to protect today's applications and dynamic workloads in organizations. "Technically, enterprises can use firewalls within the perimeter to implement a layered security model, but it is impractical for most enterprises due to the expense and amount of time required to configure and manage the necessary policies. As a result, today's enterprises need a better way to defend large volumes of east-west network traffic against cyberattacks".

The threat landscape and tools criminals use change too quickly, so it's ideal for technology to intervene before employees have to make a decision. In that sense, Oswaldo Palacios mentioned that Microsegmentation technology is an essential protection mechanism to stop the spread of malware within an organization. In fact, the White House in its statement "What We Urge You to Do to Protect Against the Threat of Ransomware" recommends Micro-segmenting networks, as it is one of the most effective ways to protect digital assets; by reducing the attack surface and encapsulating a threat, we can respond easier and faster to a contingency or even a zero-day attack.

The director of Guardicore (Akamai) stressed that Microsegmentation has three extremely important advantages:

1) Visibility. It is possible to see and control communication processes and clearly understand what the dependencies and traceability of applications are, having this visibility at layer 7 level we know exactly who is talking to whom.

2) Execution. A Microsegmentation tool allows us to make decisions based on the visibility at the process level that we are obtaining, with which we can create micro perimeters and any threat that leaks into our IT environment will be quickly detected and mitigated.

3) Security. By achieving the previous points, we can "reach" a zero trust scheme (Zero Trust) since now we understand 100% the behavior of our applications and who is accessing them, from where and at what time, with a granularity at the process level that is not had with elements such as Firewalls, IPS or Endpoints. "You can't protect what you don't know exists".

- Publicidad -

Finally, Oswaldo Palacios said that with the implementation of a solid, fruitful and successful Microsegmentation, organizations in Latin America will be able to counteract the effects of suffering some cyberthreat derived from human errors or malicious intentions of their employees.

Duván Chaverra Agudelo
Author: Duván Chaverra Agudelo
Jefe Editorial en Latin Press, Inc,.
Comunicador Social y Periodista con experiencia de más de 16 años en medios de comunicación. Apasionado por la tecnología y por esta industria. [email protected]

No thoughts on “Employee errors, one of the main causes of cyberattacks on organizations”

• If you're already registered, please log in first. Your email will not be published.

Leave your comment

In reply to Some User
Subscribe Here
Patrocinado por:
ConsorcioTec Logo

Bienvenida a Air Conditioning for Hospitals Summit

Sesión 5: Desinfección en ambientes críticos bajo recomendaciones de ASHRAE

Esta charla estará enfocada en las recomendaciones de ASHARAE para la desinfección de ambientes críticos como lo son quirófanos o salas de hospitales, garantizando una ventilación adecuada para reducir el riesgo de infección. Nos enfocaremos en los productos que Carrier ha lanzado al mercado para cubrir esta necesidad inmediata. Ing.William Sanchez - Grupo Clima

Sesión 4: Minimizando las Infecciones Asociadas a la Atención de la Salud (IAAS)

Como se pueden minimizar las Infecciones Asociadas a la Atención de la Salud (IAAS) al proveer el flujo de aire y la presurización adecuada en los ambientes críticos. Roberto Rouanet, Business Developer Building Products - Siemens Colombia

Sesión 3: Hospitales: Salas de Presión Positiva y Negativa

Los centros hospitalarios tienen requerimientos de salas o zonas de presión positiva y negativa con el objetivo de proteger a sus pacientes, trabajadores y usuarios de las áreas de infecciosos (salas de presión negativa) o inmunodeprimidos (salas de presión positiva). Estos espacios aislados por diferencias de presión se consiguen a través de los sistemas de control de los equipos de climatización de las instalaciones. Estas salas de presión Negativa o Positiva son una parte imprescindible en centros médicos y de investigación, ya que ayudan a mantener las condiciones sanitarias necesarias para un ambiente limpio. Jose Jesús Arboledas Herranz, Responsable de proyectos especiales - KEYTER

Sesión 1: Panel - Buenas prácticas, normativas y errores en climatización para hospitales

Buenas prácticas, normativas y errores más comunes en los proyectos de climatización para hospitales Analizar cuáles son los temas en los que los ingenieros y técnicos deben capacitarse profundamente para desarrollar proyectos en esta clase de verticales que demandan instalaciones funcionales al 100% Roberto D'Anetra, Gerente - Climatiza Rómulo Laureano, Commercial Sales Manager - RGF-BIOCONTROLS Jose Jesús Arboledas Herranz, Responsable de proyectos especiales - KEYTER Roberto Rouanet, Business Developer Building Products - Siemens Colombia
Load more...

Ultimo Info-Boletin