• Skip to primary navigation
  • Skip to main content
S2 Grupo

Spanish Company Specialized in Cybersecurity

  • Company
    • About Us
    • Governing Bodies
    • CSR
    • Awards and Acknowledgments
  • Specialization
    • OT Industry
    • IT
    • OT Health
  • Solutions
  • R&D+I
  • Talent
  • News & Publications
  • Contact
  • facebook
  • twitter
  • instagram
  • linkedin
|
en arrow down
  • es
© 2023 S2 Grupo
Corporate

Lack of investment in cyber education of employees main gap in the security of companies

-
21 Feb 2020
  • S2 Grupo has ensured that this problem makes the so-called "social engineering" techniques so effective in "tricking" employees and introducing malware into companies.
  • Some of the most common errors that “facilitate” access to cyber criminals are overconfidence when opening emails, even if the sender is not known, or taking files from any USB drive (which may be carrying malware)as legitimate.
  • The S2 Grupo team of experts has established 7 key points for cybersecurity in companies, ranging from the importance of having monitoring tools to controlling the IoT systems incorporated into the processes.

Valencia, 21 February, 2020.- On the occasion of the celebration of Secure Internet Day next Tuesday, 11 February, the S2 Grupo has warned that one of the main gaps in cybersecurity in companies lies in the lack of education of employees on how to safely use New Technologies. In this sense, bad practices, lack of investment, failure to generate an adequate cybersecurity culture, etc., are actions that greatly “facilitate” the work of cybercriminals. “The enormous degree of lack of culture in cybersecurity makes it relatively easy, using social engineering techniques, to "trick" employees into trusting that what is sent to them in emails or files on a USB is legitimate. It is usually easier to attack than to defend, since it only requires finding a hole to access. For this reason, we must prevent these gaps from existing”, said José Rosell, managing-partner of S2 Grupo. "Another serious mistake is the habit of having social networks increasingly fed with thousands of unknown contacts, which makes false profiles proliferate, which makes it easy to have a large number of followers who "validate" their identity and therefore make them more reliable. In short, the mistake is to take for granted that in the physical world we have learned, over the years, to distinguish that they are not and that in the digital world we are not able to do it in the same way", said Miguel A. Juan, managing-partner of S2 Grupo. Company experts have explained that this type of action is what facilitates the spread of cybercrime, such as phishing or the so-called "CEO fraud", for example. In addition, S2 Grupo has insisted that companies need to invest in training that allows employees to know how to use ICT tools in a cyber-secure manner. “This is one of the weak points of defensive cybersecurity strategies. We have to make the cybersecurity culture of companies robust enough so that there are no very weak links", said Miguel A. Juan. “In this sense, it is necessary to continuously raise awareness among all staff and give them the appropriate elements for effective risk management so that they know how to act when risk materializes. In addition, we cannot limit it to simply giving courses, we must ensure that they are effective and that the company's culture in cybersecurity improves, that is, matures”, emphasized José Rosell. 7 CYBER SECURITY RECOMMENDATIONS TO IMPROVE THE PROTECTION OF BUSINESSES (REGARDLESS OF THEIR SIZE):

  1. Have adequate defensive and monitoring means.
  2. Have the intelligence capabilities necessary to know how and what to look for so as to prevent the intrusion of cyber-criminals.
  3. Implementar procesos de vigilancia que les ayude a anticipar posibles ataques o fugas de información. Implement surveillance processes that help them anticipate possible attacks or information leaks.
  4. Have cybersecurity awareness and training plans for all personnel.
  5. Have the appropriate technical/logical means.
  6. Do not neglect the OT systems or the IoT systems incorporated in their processes.
  7. In short, follow schemes such as ISO 27001 and 27002 or the National Security Scheme, which establish in a systematic and robust way what must be done to improve cybersecurity management.

  More information: prensa@s2grupo.es

  • fb
  • tw
  • in
Related Articles
Show all →
Corporate
73% of families do not know how to cyber-protect their homes
Read more →
Corporate
Smartphones will become one of the main targets of cybercriminals in 2019
Read more →
Corporate
Students of the Enigma school of S2 Grupo create digital PPE to cyber protect the health sector
Read more →

Follow us in our newsletter

Subscribe through your email to stay up to date

S2 Grupo
© 2023 S2 Grupo
  • Press Center
  • Legal Disclaimer
  • Privacy Policy
  • Cookie policy
S2 Grupo utiliza cookies propias y de terceros para permitir tu navegación, fines analíticos y para mostrarte publicidad personalizada en base a un perfil elaborado a partir de tus hábitos de navegación (por ejemplo, páginas visitadas). Clica aquí para acceder a nuestra Política de Cookies. Puedes aceptar todas las cookies pulsando el botón “ACEPTAR” o configurar o rechazar su uso pulsando el Botón “CONFIGURAR”
ConfigurarAceptar cookies
Manage consent

Resumen de Privacidad

Este sitio web utiliza cookies para mejorar su experiencia mientras navega por el sitio web. De estas, las cookies que se clasifican como necesarias se almacenan en su navegador, ya que son esenciales para el funcionamiento de las funcionalidades básicas del sitio web. También utilizamos cookies de terceros que nos ayudan a analizar y comprender cómo utiliza este sitio web. Estas cookies se almacenarán en su navegador solo con su consentimiento. También tiene la opción de optar por no recibir estas cookies. Pero la exclusión voluntaria de algunas de estas cookies puede afectar su experiencia de navegación.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
CookieDurationDescription
pll_language1 yearThe pll _language cookie is used by Polylang to remember the language selected by the user when returning to the website, and also to get the language information when not available in another way.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Necessary
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
_GRECAPTCHA6 monthsThis cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
cookielawinfo-checkbox-analytics1 yearSet by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Analytics" category .
cookielawinfo-checkbox-functional1 yearThe cookie is set by the GDPR Cookie Consent plugin to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necesaria1 yearSet by the GDPR Cookie Consent plugin to store the user consent for cookies in the category "Necessary".
CookieLawInfoConsent1 yearRecords the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
SAVE & ACCEPT
Powered by CookieYes Logo