DIGITAL CRIMES: HOW TO PROTECT MY BUSINESS FROM THEM

One of the main fears of large companies is suffering from problems caused by digital crimes. This is because the consequences of
these digital crimes are severe, causing a series of losses for the organization.
Those responsible for digital security should be vigilant in order to minimize the risks of problems of this nature.
In this way, it is possible to protect the organization's data by implementing an effective security policy in the IT area.

What are digital crimes?

Digital crimes, also called cyber crimes, are a form of illegal activity in which criminals, through digital devices, carry out illegal
activities against individuals or legal entities. Some of the most common cyber crimes for both users and businesses are: data theft -
“ransomware”, systems invasion, use of sensitive data and others.

What does the current legislation say about digital crimes?

Current Brazilian legislation provides legal protection for both companies and individuals. There are currently two important laws
on the subject: nº. 12.735/12 and nº. 12.737/12.

What are the main types of digital crimes?

Digital crimes in Brazil are divided into three main types: pure, mixed and common. Pure: they refer to crimes that affect the
physical or virtual part of an electronic device; mixed: they are practiced via internet and reach physical or virtual parts of a device;
common: they use the internet only as a means for its realization.

*There are several types of digital crimes, so that IT specialists must pay attention to their specifications, preventing the damage
caused by them. We can enumerate:

1) theft of data;
2) swindler;
3) use of fake software to obtain data from victims;
4) invasion of devices;
5) bank fraud;
6) obtaining confidential data, among others.

What are the consequences of being a victim of digital crimes?

Digital crimes lead to a series of damages to the business area. In Brazil, there is a loss of US$ 10 billion a year from cybercrime,
according to McAfee.
Worldwide, according to a Symantec survey, losses are estimated at $ 388 billion a year, exceeding the amounts generated by
drug trafficking. These, to be sure, are alarming data and represent the damaging potential of criminal practices.
It should be remembered that Brazil was the second country that suffered the most cyber attacks in 2017, being surpassed only
by China.
The data mentioned above leaves an important reflection: the damage from cybercrime is high. And often, depending on the
situation, they go beyond immediate damage.
It is worth remembering, for example, the lawsuits suffered by Sony in 2011, due to the security breach, which allowed the theft
and leak of data from PlayStation Network users.
This reminder brings us to another point about the consequences of suffering a cyber attack: the damage is not just financial.
Depending on the type of situation the company is exposed to, there is a breach of trust between the client and the organization,
generating boycotts and decreasing loyalty rates.
In addition, there is an important issue: the company is responsible for the information it holds in its databases, corresponding to
users and customers.
Therefore, we can say, it is extremely important that leaks of confidential data (document information, bank details, among others)
are avoided.
Leakage of data can lead to the breaking of industrial or trade secrets. For example, information about the development of a new
product can reach the hands of competitors
Only from these examples is it possible to understand that suffering cyber crimes can lead to considerable damage, so that
protection is the greatest ally to prevent them.

How to protect yourself from digital crimes?

 Every IT manager should focus on security and data protection. Without this, other activities can be rendered unfeasible through
cybercriminal actions.
So, check out what are the main protection measures and ensure the integrity of your company's data.

a) Use standard safety measures

Standard security measures are put in place for one reason: they work. It is the first barrier to criminal action. Among them are:
• use updated antivirus;
• implement access control;
• perform professional backups;
• invest in firewalls;
• block malicious websites, among others.

b) Keep systems up to date

Another loophole that facilitates the entry of hackers is through outdated systems. The updates exist precisely to prevent the
vulnerabilities found from being exploited by criminals.

c) Execute vulnerability tests

Think like your enemy: do vulnerability tests. Those responsible for information security should check the organization's
weaknesses. It is possible to know if there is a facility for criminals to act. This way, you can solve the weak points before hackers find
them and act on them.

d) Create a security policy

It is essential to define rules, rules and permissions for employees on what can and cannot be done. Wrong behaviors make it
easier for criminals to enter systems. For example, the use of social networks at work can facilitate access to a malicious link sent by
an infected friend and, contaminate the company's machines. For this reason it is common to see many organizations vetoing this
type of website in the workplace.

e) Invest in employee training

Employees in other sectors tend not to know what safe conduct is, and may increase vulnerabilities due to lack of knowledge. That
is why it is essential to train employees, not just employees in the IT sector, teaching them how to proceed in the most different
situations, both preventively and when a digital attack is imminent.

f) Hire information security consultants

To guarantee not only greater protection, but also for contingency damages in the case of a digital crime, it is extremely important
to have the help of an information security consultant.
In addition to conducting an analysis of the current situation and verifying what needs to be corrected, these companies also
provide problem-solving service in the event of a digital attack.
It is possible to apply protocols quickly, precisely and safely, minimizing damage and allowing the organization to return to
functioning more quickly.
This service is essential to ensure protection against digital crimes and to ensure that damage is reduced in the event of an attack.
So be sure to have a security consultancy.

QUESTIONS ABOUT THE TEXT

1) Are there data security investments in companies? Talk about it.

2) Find examples of digital crimes in the text.
3) Why is training employees important for the life of the company?
4) Do you know security consultancies? Write some examples.