“It is critical that several Guatemalan institutions have had cyberattacks and it is not foreign to the world of cybersecurity where hundreds of companies go through these situations,” says Luis Cordón, academic director of cybersecurity at Universidad Galileo when mentioning the cases of the General Directorate of Arms and Ammunition Control (Digecam), the Superintendence of Tax Administration (SAT) and the financial data of the University of San Carlos and personal records of the Rafael Landívar University.
A cyberattack is an attempt by cybercriminals to disable computers, steal data, or use a captured computer system to launch additional attacks. Cyberattacks have become more sophisticated in recent years and, as a result, cyberattack prevention is essential for all people and organizations.
Kaspersky explains that cybercriminals can use any device connected to the Internet as a weapon, a target, or both, meaning people and businesses of all sizes are at risk. Arguably, because they tend to implement less sophisticated cybersecurity measures, small and medium-sized businesses may be at greater risk than larger ones, despite appearing to be less obvious targets at first glance. Small and medium-sized businesses are often third-party vendors to larger organizations, meaning that if a single password thief hacks into a small business’s systems, the entire chain can be affected.
“Cyber risk has become one of the most costly and disruptive threats for companies. According to the report “Cyber in Focus 2025: Bridging the Gap Between Perception and Reality”, prepared by Willis Towers Watson (WTW), a leading global company in consulting, insurance brokerage and risk solutions, a cyber incident can generate average losses of US$2.4 million (more than Q18 million) and cause operational interruptions of up to 24 days, which shows the financial and operational impact that these attacks can have on organizations.
The study combines the analysis of more than 4,650 cyber complaints registered in more than 90 countries with information from the WTW Global Directors and Officers Survey, which allows us to contrast how boards of directors perceive cyber risk against what real cases show when these incidents materialize.
The report highlights that, although many organizations believe they have robust cybersecurity strategies, incidents continue to have significant impacts. The analysis reveals that insurers have paid more than US$655 million (Q5,101 million) in claims related to cyber incidents, while cases linked to ransomware present average claims of US$2.7 million (Q21.06 million). The largest incident recorded in the study exceeded US$331 million (Q2,581.8 million).
The report also highlights new sources of exposure for organizations. Currently, 50% of data breaches originate from third parties or suppliers, reflecting the growing interconnection between companies and digital supply chains. In addition, reports of cyber incidents increased by 43% during 2024, confirming the expansion of this type of risks on a global scale.
According to the study, 92% of incident notifications were within cyber insurance coverage, provided policy conditions and notification processes were clear.
The study also warns that in regions such as Latin America, cyber risk is growing faster than board oversight, driven by ransomware attacks, breaches caused by vendors, and companies that have not yet adequately tested their incident response plans.
“Many organizations express confidence in their preparation for these risks, but the experience of the cases analyzed shows that response plans are rarely tested in real scenarios, which can increase the duration of interruptions and the financial impact of attacks,” highlights Rodrigo Flores, Regional Cyber Manager Latin America at WTW.
Cyber attack prevention
The academic director of cybersecurity at Galileo University explained that the response to an attack depends on the level of cyber resilience of the organization. If an entity, from a technological point of view, has incident response processes and procedures, it is likely to respond to the event appropriately.
Cordón added that this shows that companies must be aware that at any time they can be victims of an attack and that, if they prepare, the impact will be less or more controllable.
“Many companies focus on strengthening themselves in different technologies, but this alone is of no use. Beyond that, it is important to have a cybersecurity strategy,” says Cordón.
How to protect your organization against cybercrime? Kaspersky, on their website, indicates that the best ways to address defense against cyber attacks include:
- Educate staff about cybersecurity and be ready for when it will happen
For all businesses, it is essential to ensure staff are aware of the importance of cybersecurity. Provide regular, up-to-date cybersecurity training so users know:
- Check links before clicking on them
- verify email addresses of messages you receive
- Think twice before sending confidential information. If a request seems strange, it probably is. Call the person in question before taking any action you are unsure about
User training, education, and awareness will reduce the likelihood that social engineering attempts will be successful.
Minimize the risk of hacking by restricting administrator rights to a select number of staff and installing a system that offers employee-to-employee security.
User access control involves limiting the execution permissions of ordinary users and enforcing the principle of least privilege necessary to perform tasks. One risk for businesses is employees installing software on company-owned devices that could compromise their systems. Preventing staff from installing or accessing certain data on your network is beneficial for your security.
Cyber attacks are often caused by weak systems and software that are not up to date. Hackers take advantage of these weaknesses to gain access to your network. To remedy these, some companies invest in a patch management system that will manage software and system updates, keeping it robust and up-to-date.
Cybersecurity on a personal level
Cybersecurity specialist Luis Cordón says on a personal level it is important to know that credential theft, phishing, electronic fraud, and theft of social media accounts are present. “We ourselves are usually the ones who deliver the information, so we must understand how much we are giving the world information about ourselves,” says the expert.
Cordón suggests limiting information on networks that can give attackers data that facilitate entry. It invites us to ask ourselves: What are we putting on the Internet about ourselves?
He explains that attackers usually use social engineering, which is the art of lying, persuading and deceiving. “It motivates people to do things that the attacker wants,” he explains.
Multiple authentication factors are suggested, which is a password, a token generator and/or something like facial and fingerprint recognition. This makes the probability that they will be able to compromise the accesses miniscule, which discourages the attacker.
It is important to create strong passwords with letters, special characters and numbers. They should also enable multi-factor authentication to prevent unauthorized access to their devices.