Compliance with the General Data Protection Act and security against ransomware for companies

01/06/2022
adequacao a lei geral de protecao de dados

Information security against ransomware should be one of the priorities for organizations seeking to increase data protection. 

Between the details and specifications of the General Data Protection Law, the advancing threat of ransomware and the concerns that every business has to face on a daily basis, the topic of Information Security can seem highly complex and difficult to manage.

To better understand the ramifications of the cybersecurity scenario and to start thinking about a security strategy for your business, read on! 

The General Data Protection Act and the need for adaptation in organizations 

The LGPD - General Data Protection Law - came into force in September 2020 and fines for non-compliance began to be levied in 2021. However, many companies have not yet completed their compliance process. 

To consolidate an appropriate organizational culture in the face of legislation, a business must follow the 10 privacy principles described in the LGPD. 

Two points of this data processing are worth highlighting: 

  • User acknowledgement and agreement to the provision of information 
  • Safety measures adopted by the company to prevent leaks 

To avoid problems, the organization must make it explicit what data is being captured, what purpose it will serve and whether the user's information will be shared with other companies. Privacy policies need to be accessible to anyone who provides information. 

\

Prevention and Information Security 

Effective Information Security solutions must include certain extremely important focal points, such as: 

  • Data encryption 
  • File access permissions 
  • Creating layers of security 
  • Recurring analysis and tests 
  • Access control for endpoints and users 
  • Anti-phishing protection 
  • Enabling authentication 
  • Device port control 

Conduct that complies with the LGPD minimizes the risk of financial and reputational loss for companies. Investing in Information Security means guaranteeing space for business development and expansion! 

Ransomware: the threat that has already cost companies around the world billions of dollars 

Good Information Security practices ensure that the corporation complies with the GDPR, but they also protect a company's image, authority and position.

What is ransomware? 

Ransomware is one of the recent threats that pose dangers on several fronts. This type of malware is extortion software used by hackers to block systems and hijack data; with the information retained, cybercriminals demand payments for its return. The value of these ransoms can run into billions of dollars.  

Ransomware as a Service 

The Everything as a Service model is becoming increasingly consolidated. Today, this service provision is also widespread among cybercriminals in general. Ransomware as a Service (RaaS) is already part of the reality for companies. 

And why should Ransomware as a Service be a concern? 

Ransomware packages sold on demand generate huge profits for hackers and, with the convenience and ease of the service, we have a tendency for incidents to proliferate and companies to be attacked, which can generate huge financial losses. 

The arrival of the General Data Protection Act has helped create important changes within companies. However, cybercriminals have also started to take advantage of the possibility of fines and sanctions to extort companies twice over: they have realized that charging for returning information and for not leaking the attack brings even more profit.  

As I said earlier, having prevention and rapid reaction strategies is indispensable!  

How should your company protect itself against cyber threats?  

Implementing strategies to comply with the law, guarantee the privacy of customers and employees and protect the data of the business as a whole can be challenging in some cases. Relying on specialized support is essential! 

Conversys has a range of Cybersecurity and Technology and has experts to help you choose what works best for your company. 

Talk to our consultants and guarantee protection for your business and that of your clients.  

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

en_US