# Week 10. Cybersecurity situation in Spain.

 I will talk this week about the overall cybersecurity state in Spain. As everywhere else, due to the continuous growing of digitalisation, the business sector and the population as a whole is taking note of the consequences of not being prepared against cyberattacks. Many of them, especially companies, have already suffered some economic loss for this reason.

The awareness is higher in big companies, since they can be identified as major targets by many cyber criminals and the possibility of bigger investments and counting with better equipment and professionals but the fact that most of the companies in Spain are medium-small size and the lack of enough measures against these attacks make them easy fish catch for criminals.

In regards the public sector, there is a strong legislation to avoid disruptions and leaks in the critical infrastructures such as health care facilities, energy centers,… All this legislation has often as origin a European Directive.

Nevertheless, the medical health public and private sector has been severely hit by cyberattacks lately due to the current pandemia and the stronger inclination to pay a rescue to recover their systems.

Regarding policies, many legislation and strategic plans are being enable to facilitate the police and judges to prosecute these criminals so they will think twice before trying to attack one particular target. All these plans are somehow restricted to the sovereignty and the bilateral agreements between countries, which makes it an worldwide challenge.

As we all know, these disruptions are often and accidentally generated by an insider because of his/her lack of preparation. One simple example and something easily avoidable would be not to open a mail coming from unknown source or for example not picking up a “lost” USB from the ground and check the content in order to turn it back to its owner. All these basic precautions are easily implemented with a proper training to the employees.

Other simple solutions that minimise the risks and can be easily implemented by any manager with basic knowledge and will be to keep updated software, generate daily and/or weekly back-ups of the data, using antivirus, …

Concerning the security certifications, more entities are trying to get these certifications to prove the quality of their services. However, I agree that is a big economic effort, especially for a medium or small-sized security company to meet all these requirements unless you are certain of the increase of business opportunities afterwards. The reception of these certifications will vary depending of the legislation forcing or not to follow it.

Another point is that the cyber-protection is often externalised. I know that it is for many the only solution but is not always the best, especially when the externalised company doesn’t establish a particular plan for this company but apply general procedures that maybe not always match with the specific requirements and protections the company needs to avoid cyber-security related issues.

Here a picture of some interesting facts regarding Cybersecurity balance in Spain 2020 made by INCIBE. (National Cybersecurity Center).

 




Here below the sources used for this entry:

1. https://www.defensa.com/cyberseguridad/espana-aprueba-plan-estrategico-para-reforzar-lucha-contra

2. https://ipmark.com/el-sector-salud-duplica-su-cifra-ciberataques-en-espana/ 

3. https://www2.deloitte.com/es/es/pages/risk/articles/estado-ciberseguridad.html

4. https://www.incibe.es/protege-tu-empresa/que-te-interesa/buenas-practicas-area-informatica

5. https://www.ospi.es/export/sites/ospi/documents/documentos/Seguridad-y-privacidad/Google_Panorama-actual-de-la-ciberseguridad-en-Espana.pdf

6. https://ipmark.com/el-sector-salud-duplica-su-cifra-ciberataques-en-espana/



Comments

Post a Comment

Popular posts from this blog

#Week 5. The Case for Copyright Reform Task

For this week I will give my opinion about the book  The Case for Copyright Reform . The book and particularly chapter 2 is trying to convince readers that the copyright as it’s been conceived, it is not good for society because if it is going to be applied effectively, it will collide with fundamental rights and they are advocating for a modification. When the author say that this copyright law is endangering fundamental rights, it means that if you really want to avoid people sharing digital files, you need to sniff the communication between them and see what kind of information they are exchanging which of course lead you to know everything else if you want to.   That is a difficult debate. If you think that you are harming an author you admire,  most of the people will be in favour of a tough copyright law. By other side, If you think that this law is attempting against your fundamental rights and that it is not protecting the author but the industry and all the people that was use
Read more

#Week 13 About Linux Distributions. Debian and Slackware.

 This week I will talk about the different lynux distributions. First question I made myself and I think it is understandable, is why so many distributions are   available ? The answer is simple and it is to better suit your needs because of the applications you are supposed to run. Some distros are geared towards user entertainment and may include all of the programs necessary to reproduce video and audio, in any format (including owners), others are more oriented to games  others to security, some to science, others to education, etc. (Target of the software). Apart from that, that I think is the main reason due to the easiness of the software to create custom distributions, there are other reasons such as the use or not of open code even when it holds copyleft license (I think this is mainly when the distribution  is run through a server). Given the fact that there are a few hundred distributions and many are even to be released, and like each one of these has both advantages and di
Read more

# Week 11. Example of censorship and privacy in today's society

On this week’s blog, I will talk about one curious case about censorship and another concerning privacy when it comes to fight organized crime or terrorist groups.  Regarding censorship I will talk about the Streisand effect. The singer Barbara Streisand gives the name to this social phenomenon that occurs when a censorship intention has the unintended effect of propagating further the event that is trying to hide. The term alluded to Barbra Streisand, who in 2003 sued photographer Kenneth Adelman for distributing aerial pictures of her mansion in Malibu. But Adelman was no paparazzo—he operated the California Coastal Records Project, a resource providing more than 12,000 pictures of the California coast for scientists and researchers to use to study coastal erosion. Of course, news outlets around the world reported on Streisand’s outrage, and before long, the photo on Adelman’s website (below) had received well over a million views. At the end it was a calamity for the artist because
Read more