por Rebeca | Abr 19, 2023 | Sin Categoria
La ciberseguridad se ha convertido en una preocupación creciente en la era digital, y ningún sector está exento de recibir amenazas cibernéticas. En Europa, varios sectores han sido objeto de ataques cibernéticos en los últimos años, según datos proporcionados por Enisa.
En este post, desgranamos los seis principales sectores afectados por ciberamenazas en la Unión Europea el pasado año.
24% Administración pública/gobierno
Los gobiernos y la administración pública han sido objeto de numerosos ataques cibernéticos en Europa. Estos ataques pueden tener graves consecuencias, como la filtración de información confidencial, el acceso no autorizado a sistemas gubernamentales y la interrupción de servicios públicos.
13% Proveedores de servicios digitales
Con el crecimiento del comercio electrónico y la digitalización de los servicios, los proveedores de servicios digitales también han sido blanco de amenazas cibernéticas. Esto incluye a empresas que ofrecen servicios online como plataformas de comercio electrónico, redes sociales, servicios de correo electrónico, entre otras.
12% Público en general
La población también se ha visto afectada por estas amenazas, incluyendo ataques de phishing, malware y estafas online. Los ciberdelincuentes a menudo aprovechan la falta de conciencia y conocimientos en ciberseguridad de los usuarios para llevar a cabo sus ataques.
12% Servicios
El sector de servicios, que incluye una amplia gama de industrias como transporte, logística, turismo, hotelería y más, también han sufrido las consecuencias de los ciber ataques. Estos pueden tener un impacto significativo en la operatividad y la reputación de las empresas del sector.
9% Finanzas/banca
El sector financiero, que maneja una gran cantidad de datos sensibles y transacciones financieras, ha sido durante mucho tiempo un objetivo atractivo para los ciberdelincuentes. Los ataques cibernéticos en este sector pueden tener graves consecuencias financieras, así como erosionar la confianza de los clientes.
7% Salud
El sector de la salud también ha aumentado su vulnerabilidad ante las amenazas, especialmente durante la pandemia de COVID-19. Los ataques a sistemas de atención médica pueden tener consecuencias graves, como la interrupción de los servicios de atención médica, el robo de datos médicos sensibles y la exposición de la información personal de los pacientes.
La ciberseguridad es esencial en todos los sectores en la era digital. Los datos proporcionados por Enisa (agencia europea de ciberseguridad), revelan que la administración pública, los proveedores de servicios digitales, el público en general, el sector de servicios, el sector financiero y el sector de la salud son algunos de los sectores más afectados en la Unión Europea. Es crucial que empresas e instituciones inviertan en medidas de ciberseguridad adecuadas para proteger su información y activos, así como garantizar la continuidad de sus operaciones y la confianza de sus clientes y usuarios.
Ayudamos a empresas de diversos sectores a proteger su entorno y a innovar eficazmente. Vea cómo Soffid puede ayudarle a mantenerse a la vanguardia en un mundo digital que evoluciona rapidamente.
¿Hablamos?
- Noticias Parlamento Europeo
por Rebeca | Feb 16, 2022 | Sin Categoria
The privileged access management for companies is very important. Remote working is here to stay, and the channel is pivotal in supporting organisations in their efforts to maintain the best protection against cyber attacks whether they’re adopting a hybrid, or fully remote working model. Channel partners with a rich portfolio of security solutions are in the ideal position to facilitate these flexible models and provide organisations with the seamless IT support they need to connect workers securely, irrespective of their location.
At the heart of remote cyber security is privileged access management (PAM), the protection around privileged and sensitive user accounts, which are the crown jewels for cyber criminals. For the channel, PAM creates a new revenue stream and further business opportunities with their customers. However, while having unrestricted access to clients’ IT estates is part and parcel for a service provider, it does pin a huge target on their backs.
Offering comprehensive PAM solutions will enable channel partners to secure, manage and monitor access to their own privileged accounts as well as those of their clients, keeping the most valuable keys to their network safe.
Privileged Access Management for companies can provide partners with greater security not only for their clients but for their own accounts too
In today’s cyber environment, stolen and misused privileged accounts—and the access they afford to sensitive and critical data and hosts—can be used to inflict tremendous damage.
Implementing a PAM tool reduces the likelihood of privileged credentials being compromised or misused in both external breaches and insider attacks. Such tools also help reduce the impact of an attack when it occurs by radically shortening the time during which the organization is unaware that it is under attack or being subverted.
Privileged access management for companies
Cloud security, anomaly detection, and securing the software development life-cycle also can be addressed with a PAM tool, as can regulatory compliance and operational efficiency.
PAM solutions need to be aware of not only who a user is, but also to which resources they should be granted privileged access. To enhance security even further, strong PAM solutions tend to have their own layers of security capabilities. That is, they will have the ability to limit user access not only by role, but also by other factors such as time and location, ensuring that even a user who has been authenticated only sees the specific resource to be accessed, and only when appropriate.
As a quick example, a given user may be granted privileged access to a server to do an update because they have the role of server admin; but the PAM administrators might also limit that privileged access, for business reasons or simply as a security practice, to a two-hour window starting at midnight, for example. Outside of that time frame, even with the login credentials, the user won’t be able to access the server for good or malicious reasons.
Multifactor Authentication (MFA) & Privileged Account Management (PAM) for companies
If a user has successfully authenticated to the system, the PAM system will provide the user the privileged access they have been granted. Of course, that’s entirely appropriate, when the user is who they say they are – but potentially disastrous when a privileged user within the system is not who they claim to be.
Strong PAM solutions have safeguards to protect against this very situation. Session management tools, for example, will alert the security team (or automatically kill the session) when the activity undertaken by a privileged user is outside of defined parameters, such as a purported database administrator who suddenly begins to rapidly execute a large number of queries against multiple databases.
But what of the case where a hacker has stolen a DBA’s credentials, gained entrance to the system, and then undertakes activity which does not raise alarms, such as running an occasional query as the legitimate DBA might do?
This is the kind of situation prevented by MFA and PAM solutions working together to truly provide a layered defense in depth. Where strong PAM solutions excel at providing only the appropriate access to privileged users, a strong MFA capability in front of PAM helps to ensure that users are who they say are before they ever reach the point at which privileges must be determined and granted.
It’s a layered strategy that truly helps security teams and administrators create a defense-in-depth – and in today’s networked environments that are subjected to constant probing and hacking attempts, it’s a solid way to increase a firm’s cybersecurity.
References:
(1) Newsweek.com
(2) secureworld.com
(3) Dark Reading
Picture: Foto de Negocios creado por jannoon028 – www.freepik.es
