The cybersecurity situation at a global level is something to be careful with because despite the fact that companies increase their protection measures, the number of cyberattacks also increases.

Kaspersky, one of the multinationals dedicated to computer security, conducted a survey of Colombian companies on digital security and found a scenario that is repeated throughout the region; More concrete actions in digital security need to be implemented.

In its ‘Employee Wellbeing 2021’ report, the international company revealed that only 40% of companies surveyed offer IT security training, so that most employees may lack basic knowledge to protect themselves in the digital ecosystem against attacks and despite the fact that organizations face cyber attacks regularly, a large part of the companies surveyed preferred not to disclose such incidents.

Although mostly customer-related data breaches, employee data and personnel-related breaches are very popular with cybercriminals, in 2021, 41% of organizations in Colombia were unable to adequately safeguard their employee data. workers and suffered incidents related to said information.

“When an organization faces a cyber incident, correct crisis communications are no less important than the measures taken in response and recovery. There are always risks of data breaches and companies need to recognize that proactive disclosure is preferable to exposing it in the press,” says Evgeniya Naumova, Executive Vice President of Corporate Business at Kaspersky.

The report reveals that security in the digital ecosystem is an issue that must be worked on in 2022, since apart from the fact that less than half of the companies train their employees on cybersecurity issues, more than half of said companies (63%) have experienced problems related to the quality of this service such as dissatisfaction with the complexity of the courses and lack of support or experience from the trainer.

According to Karpersky, Colombian companies regularly face information security breaches (42%), inappropriate use of IT resources (46%), and inappropriate data sharing via mobile devices (41%).

As stated above, companies are choosing not to disclose their incidents, with 72% of affected organizations not publicly disclosing their incidents, and of the companies that did, only 13% have done so proactively while 15% did so after the cyber vulnerability had already been leaked to the media.

“Appropriate, accurate and timely communications not only minimize potential reputational damage, but can also greatly mitigate direct financial losses. To avoid panic or confusion, a business should consider creating a clear crisis plan. Corporate communications professionals and IT security teams should collaborate to exchange information on cybersecurity knowledge and determine guides, tools, channels and language that could be useful to accurately handle internal and external communications in an emergency”, Naumova explained.

Far from being a problem only in Colombia, cybersecurity failures are being experienced all over the world, and according to a global report from the same company, in 85% of these incidents the human factor has played a crucial role.

