Transparent advice, valuable tools and common sense to protect your identity, your company and your family in the digital world
Transparent advice, valuable tools and common sense to protect your identity, your company and your family in the digital worldCybersecurity does not only concern large companies, says Natalia Maroto, a specialist in digital transformation who has completed a master’s degree in data protection and implemented security plans in companies in various sectors in Spain. Our recent webinar with Natalia made it clear to us that we are all exposed, from SMEs to families with children and connected devices. Here is a summary of practical advice, valuable resources, and answers to the most frequently asked questions in the webinar Dylsi organised.
Why do we think that cybersecurity is not for us?
“SMEs and families are the easiest targets for cybercriminals.”
— Natalia Maroto
- Large corporations have protocols, IT teams and legal obligations, such as reporting incidents to the AEPD (Spanish Data Protection Agency).
- On the other hand, SMEs and individuals tend to have less protection and more vulnerabilities.
- A hacker can break into a family holding company through a child’s tablet by watching videos on YouTube.
- Social media give away too much information about where we are and when we are not at home. Avoid sharing your whole life in real time!
How do cybercriminals use our data?
- Identity theft
→ Sending personal documents by email or WhatsApp facilitates identity theft.
→ They can take out loans, open accounts, or make purchases on your behalf. - Financial fraud
fraud→ From using credit cards to accessing bank accounts. - Extortion or blackmail
→ Threats to publish compromising photos or information. - Information theft or malware
→ Device lock-down to demand a ransom (ransomware).
→ Silent theft of data for resale: customers, suppliers, algorithms…
Basic (and affordable) tools to protect ourselves
“For €20 a year you can start protecting your company and family. Who would think that’s not worth paying for?”
— Natalia Maroto
- Password manager: avoid always using the same passwords. Don’t share them.
- Two-factor authentication (2FA): many apps already include it, enable it.
- Updatea antivirus: there are more than enough free versions.
- Backup copies in the cloud: also for your family photos.
- Free training:
- Courses of the National Institute for Cybersecurity (INCIBE) for families, employees and companies.
- INCIBE’s Instagram for up-to-date tips.
- Avoid public WiFi networks: they are open doors to data theft.
Extra tips for SMEs and the self-employed
- Digital certificate for e-mail
→ Ensure your invoices and quotes arrive safely. - Personalised
training→ ITCM Solutions offers courses adapted to every company. - Check website security
→ Does it have the sign of a padlock? Does the URL start with “https”? If so, it’s secure. - Verifiy attachments before opening them:
→ Use VirusTotal or Have I Been Pwned to check if an email is suspicious. - Don’t enter your data with ransom online surveys
→ Once you have given it away, there is no going back. - Strong passwords
→ At least 14-19 characters, with uppercase, lowercase, numbers, and symbols.
→ Avoid typical characters such as ‘@’ or ‘!’, which are now familiar and easy to guess.
What should I do if I am hacked? Steps to follow
- Go offline
→ Put your mobile phone in aeroplane mode and disconnect your computer from the network and the Internet. - Call a data
protection expert→It is not necessarily an IT specialist who is a data protection expert. You can also rely on an external specialised company such as ITCM Solutions. - Identify affected
data→ Is there data on customers, suppliers or sensitive information? - Inform those affected
→ It is your obligation if you handle personal data. - Notify the AEPD (if in Spain)
→ Depending on the type of company, you may have a limited period of time to do so.
→ Consult the AEPD’s guide on data breaches. - Document everything that has happened
Transparency and teamwork
“Cybercriminals use psychology. If you clicked on a link, you’re not stupid: you’re a victim”
— Natalia Maroto
- In companies, the fear of “what will they say” prevents many employees from reporting incidents in time.
- The team must know that transparency is vital!
- Think of your company as a football team:
- The goalkeeper (you) can’t handle everything.
- The defenders are your employees, suppliers, and customers, who must also receive training.
AI and cybersecurity
- If you use free AI platforms, be careful what data you enter: AI never forgets.
- Check out INCIBE’s resources on AI and cybersecurity.
- Always read the terms and conditions, even if bothers you. “Not reading can have a very high cost!”
And remember…
- Convenience is the enemy of cybersecurity.
- Having cyber protection insurance like theose we offer at Dylsi is not a magic solution, but it is a fundamental tool.
- You must commit to protecting your data, employees, and reputation.
Do you have questions or need advice?
Natalia Maroto offers a free first consultation appointment to Dylsi clients. Get in touch with her (with the code: Webinar Dylsi) to start protecting your company, your customers and your family. You can also contact our team at Dylsi. Because prevention is always cheaper than recovery.
