Increasingly digitized, but less protected

When the crisis of coronavirus we became, suddenly, in an economy of confinement, many were able to maintain their activity thanks to telework, which increased

Increasingly digitized, but less protected

When the crisis of coronavirus we became, suddenly, in an economy of confinement, many were able to maintain their activity thanks to telework, which increased from 5 to 34 % during the alarm state. Above the security, the priority was to maintain production, and that opened the door to cybercrime, which in recent weeks has come to multiply by three. This is not a new threat: in the first quarter of 2020, the number of cyber attacks increased 40 % worldwide, according to data from IBM; and only in 2018, Spain registered a total of 111.519 incidents, according to the National Institute for Cybersecurity (INCIBE). 36 % of the Spanish companies was the victim of a cyber attack during the first seven months of 2019.

The need for professionals is obvious and, however, the demand remains without a covering: it is estimated that, in 2022, 1.8 million jobs related to cybersecurity will be vacant in all the world, 350.000 of them in Europe. A few numbers that are explained by the increasing digitization of society: “Each time a greater part of our life is online: bank accounts, savings, private data, political views... anything that can be used to manipulate you or hurt you, it is in the cloud, and if it is not properly protected, remain in the hands of the attacker,” says Fernando Rodríguez, co-founder and Chief Learning Officer of the Centre for Training in Programming and Technology KeepCoding.

victims of crime

Another reason that justifies the increase of cybercrime, related to the previous one, is the amount of information that we expose. “The more volume we have in digital format, and more value has to cybercrime, the more we need an instrument which put limits to this criminal activity, and that is the field of cybersecurity,” explains Santiago Moral, director of the Institute DCNC Sciences of the Rey Juan Carlos University (URJC), Madrid. The reasoning is simple: cyber crime exists because each time there is more to steal, each time it has more value, and there is a high probability of get away with it: “it Is a crime very profitable and that rarely anyone has just some time in jail. Is done from country to country and it is very difficult to chase,” he adds.


The revolution ‘maker’ comes to the education equality is still not getting to the science or technology

sme's and home users were the main target of cyberattacks in 2018, with 102.414 incidents in Spain. And the crisis of the covid-19 has been accentuated: “telework, a completely new model for many companies, is being exploited by cybercriminals to exploit vulnerabilities and attack systems of the organisations were not sufficiently prepared to implement it,” says Susana del Pozo, director of IBM safety and Security for Spain, Portugal, Greece and Israel. Are waves massive, consisting of hundreds of smaller attacks against targets poorly protected, that require user intervention, according to the study concludes current Landscape of cybersecurity in Spain, developed by Google.

But what are the greatest threats of cybercrime? “Depends on the objective. For smes, this is your continuity. There are a few volumes tremendous ransomware [malicious programs that restrict access to certain parts of a computer system, demanding a ransom for their release]. And if you sequester your organization, you can't operate,” argues a Moral, also is the director of cybersecurity and innovation in OpenSpring. Programs such as WannaCry, that, in 2018, infected 300,000 computers in 150 countries, and caused losses with a value of 3.500 million euros (1,000 million more than the national education budget) are only part of a much larger problem, since the losses generated by cyber attacks amounting to 0.8% of world GDP (about 534.000 million euros in 2017). The average cost of each individual cyber attack to an sme is, according to the above-mentioned study of Google, 35,000 euros, and 60 % close after six months of having undergone one.

In the case of citizens, the main problem is privacy, either due to the theft of banking data that result in purchases of illicit, or because we see violated some aspect of your life that you don't want to be made public, which may give rise to extortion. “That, in the adult population, it is not a big problem, because the rate of people with a hidden life is not so great; but it is among adolescents and children, because there are many cases of espionage to the small, open up the camera and lure you to send a photo”. To minimize these risks, Secure Internet 4 Kids, of INCIBE, offers parents many resources mediation to accompany the minors at the start of your digital life.

formations key in cybersecurity

Training education Center Price - Master in Cybersecurity International University of Valencia (VIU) TO consult Analyst in Cybersecurity and Information Analysis with Big Data Select Business School 1.940 € Master Data, Complex Networks & Cybersecurity Sciences DCNC Sciences (URJC) 5.300 € Master's degree in Security of Information Technologies and Communications European University / IBM 6.600 € (until 30/06) is Programmer Python with specialization in Artificial Intelligence Tokyo New Technology School To consult Postgraduate diploma in Data Science and Machine Learning IEBS Business School 2.812 € Cibersecurity Bootcamp
KeepCoding 6.000 € Master's degree in Intellectual Property and technological Law International University of Valencia (VIU) To see, University Expert in Software Expertise JOIN 2.210 € Master's degree in Evidence Analysis Digital of and Fight against Cybercrime , Autonomous University of Madrid (UAM) 5.900 €

The pandemic, and cyber attacks

The increase of telework during the last few weeks and the coming months have been workers and firms in a situation for which many were unprepared. To begin with, because it has taken advantage of the need of information of the population for attempting to commit fraud against the citizens (phishing), but also because there are institutions that have been especially targeted, such as hospitals, in these times of saturation were not so dependent on the security of your data.

on the other hand, it has enlarged the “attack surface” for cybercrime, that is to say, the number of resources of a company that are likely to be attacked: “If this surface increases, the odds of a successful attack will also do. Having a large number of professionals working from home, connecting to the Internet from a home network, probably poorly protected and with software old-fashioned, every one of those employees is a white in power,” says Rodriguez.

Resource generalized as the program used to maintain video-conferencing, for example, can be a source of problems; as is the fact that, in these circumstances, “it is finished mixing our digital environment, personal and professional, and that makes the personal risk that we run as citizens, to intermingle with the business risks,” recalls Moral. Using a manager key secure as 1Password, change them every three months and do not share them with anyone are just some of the measures that can be taken to increase the security of teleworking: “it Is important to have the router upgraded with the latest firmware version, connect only to a wifi network of trust and, if possible, to the VPN of the company. In addition, ensure that your anti-virus is updated, also it is advisable to have a multifactor authentication whenever possible, to allow us to confirm the login via mail or text message”, reminds Of the Well.

hackers ethical and other profiles

The scarcity of resources in the market means that, in general, the numerous profiles of cyber security that exist have a claim is very high: from those of the court, more legal, that work-related aspects of the privacy and the General Law of Data Protection (LGPD), even professionals, who are dedicated to ensuring the integrity of the systems of a particular company. Are the so-called hacker ethics, among which stand out the teams “red” (red teams) and the teams “blue” (blue team): “The first are in charge of attacking a system and find its weaknesses, while the latter are like the antithesis of the first, and is in charge of the defense against attacks”, explains Rodríguez. “It is only right that the same professional work in both areas, alternating their role. Unfortunately, in Spain it is sobrecontrata to the first and do not give due importance to the defense.”

To The Well, to this day, the cyber security is addressed with a comprehensive vision, “so that the profiles provide a broad overview of the security and its integration with the rest of functions are and will be in great demand”. One of them is providing the security architects, who are able to define the scenarios technology platforms of security work in an integrated way with the rest of the systems. “In a plane somewhat less technical, the security consultants are also very much required, for its ability to align security strategy with business requirements”, he adds.

How to study cybersecurity?

Cryptography, ciberderecho, computer forensics, cyber intelligence, ethical hacking... according To the catalogs updated for 2020 by the INCIBE, and nowadays there are already 129 education centres in Spain that offer numerous formations related to cybersecurity, whether they are courses of specialization, Training cycles, degrees or postgraduate courses as those organized by the University of León, with the collaboration of the INCIBE, or the master's in Data, Complex Networks & Cybersecurity Sciences of the rey juan carlos, directed by Santiago Moral-and that includes cyber security and data science.

“Like all of the systems generate a lot of information, what we do is to observe what is happening to be able to take decisions very quickly. We apply artificial intelligence and machine learning to data that are around the internet, to be able to react online,” says Moral. The master's degree consists of five modules that can be attended in its entirety or separately, according to the academic interests or professional student: an introduction to cyber security, programming in Python, a module of two and a half months on cybersecurity including cryptography and security architecture, data science and practices.

Although the normal itinerary includes studying first a degree that provides the technical basis (either by way of a computer engineering or telecommunications), and then a master's degree that provides a specialization desired, there is also space for many other careers: from lawyers and journalists to, for example, economists or sociologists. “For example, for all the issues of dissemination and awareness raising, we need good communicators. A journalist, of course, will not pick up your PC for securizarlo, but will be a expert that is able to communicate adequately with the problem of cybersecurity,” says Moral. “But we also need economists who are able to understand the budget cycles of the cybersecurity, and even sociologists, to understand the mindset of the attackers”.

The training in technology is, according to the experts consulted for this report, of vital importance for a country to be able to stay in the forefront of technology. “If the battle for the hardware is lost in the West (the East has won by a landslide), in the software, the artificial intelligence, the services and manufacturing auto we can still put up a fight,” says Fernando Rodriguez. Does not seem to be that this is the case of Spain: “there is a national plan of promotion of the STEM disciplines or technologies in general. Do not invest anything in the IA; nothing is done to retain the Spanish researchers, or to attract from outside,” he adds. IBM, for its part, has several projects focused on providing training in new technologies, such as the free platform Open P-Tech, to acquire key competences, or the initiative Watson goes to class, to zoom in on the AI and new technologies to the students and teachers of schools of Baccalaureate and FP in all of Spain.

‘Is cool on the Internet’, an initiative to teach children good habits digital

Today, the learning of young and adolescents depends not only on the family and the teachers, but also of what that query and consume on the Internet. The children have a large amount of information and digital resources, and that is why it is essential to provide them with all the resources necessary for a safe use of the Network. “Digital education is one of the key pillars in the safety of the children (...). With this program, we aim to reach even more children and young people for this training to be more profound and global,” says Francisco Pardo, director general of the National Police.

The project I Know a great on the Internet is a collaboration of Google, the National Police, the INCIBE and the FAD to help parents and educators to encourage small-scale good practices that allow them to navigate the Internet in a respectful, critical and responsible. Includes educational games designed by experts in digital security and resources for the elderly, all articulated around Interland, an experience of playful interactive that addresses five basic principles Online: share with care, not to fall into traps, protect your secrets, be friendly and, if you have doubts, always ask.

Updated Date: 12 June 2020, 07:37

You need to login to comment.

Please register or login.