One of the direct consequences of cybercrime in the financial field and the increase in acts of fraud.
We remember that large companies in the sector have already been affected by this kind of phenomenon. There is the example in 2019 of the Desjardins movement that has resonated in the press. Financial companies, like all other companies or public organizations, must then focus on their IT security. Yes of course size doesn't matter. One observation is that "SMEs are now the main target of cyberpirates," says Simon David Williams, CEO of ISM Group.
This article will also interest you: Desjardins: a year later than remembering the data leak
In the same vein, Michel Mailloux, President of the College of Financial Professions, said: "Financial services firms have an interest in strengthening their security practices as the personal data market is very flourishing and lucrative. A simple credit card number with its security verification code sells for $80 in interlope networks. A Quebec health insurance card sells for $250, a Canadian passport, up to $6,500. ».
Yet organizing its computer security can do can be done as simply as possible. However, it will have to be done in stages.
First, we have to do it through risk assessment, which is an essential basis. Try to ask yourself about the threats that are openly targeting you. The consequences you should face if you steal data, the procedures to follow in case you lose files or a terminal with important files. You'll also have to ask yourself what the reaction will be if you get caught up in a ransomware attack. According to cybersecurity expert Michael Albertson, it should also be remembered that: "There is no such thing as perfect security," says the expert. That is why we must give priority to measures that target the highest risks. ».
Second, we will have to think about protecting the access points. Because cyber criminals are always looking to infiltrate the system through these entries. These include e-mails and text messages. To do this you would have to be equipped with a fairly solid antivirus solution. The idea is to be able to protect against any type of malware that can be infiltrated by this kind of method. These include spyware or Trojans. The proof is that: "In 80% of the incidents we have been involved in, companies relied on Windows Defender," according to Simon David Williams.
Nor should the issue of passwords, which are often the first obstacles to cyber malice, be overlooked.
The third point is about digital protection. Indeed, each institution must organize the protection of this data as a necessity. This allows them to encrypt their information. Make backups strategically so as not to lose them in the event of a computer attack with ransomware for example. A practice that is now facilitated by Microsoft's Office 365 as well as its cloud backup through OneDrive
"The security mechanisms on these systems are very serious and greatly simplify the security problems that we could have had in the 1990s. Unfortunately, people don't use it," Albertson says.
The fourth is physical protection. Indeed, it is necessary to protect the places where the information is based.Protect them from theft, physical intrusions, vandalism or even disasters a few floods or fires. This issue of physical protection affects many mobile phones and portable devices such as cell phones and computers, as they are easily exposed to theft or destruction. This is what in both cases can cause a lot of problems if arrangements are not made beforehand. Michel Kabay, for his part, felt that "the best policy is not to entrust them with any important information", suggests Michel Kabay.
The fifth point is related to the human resource. As it tends to be noticed in the computer security sector. The weak link and usually the human. It is much easier to hack into a computer system based on certain weaknesses of employees or employees and partners. Also there will need to be an emphasis on awareness and intrusion and reaction tests.
Now access an unlimited number of passwords: