In recent years the United States has experienced an alarming rise in cyberattacks. During 2020 the Internet Crime Complaint Center reported a record number of complaints, which represented a 69% increase of total complaints compared to 2019. Cyber criminals took advantage of the uncertainty many experienced during this difficult time and profited from our dependence on technology. For companies of all industries and sizes, keeping information secure is a growing concern.
This is precisely what was discussed in the latest panel hosted by Csoftmty, an association dedicated to creating partnerships between companies, universities, and the government to promote the ITC economic and social development of Nuevo Leon, what preventative measures and knowledge are needed for companies to combat this rising concern? Panelists consisted of three industry experts: Adriana Armas, Country Manger in Mexico for Darktrace, Nathan Levey, CEO of Israel Cybersecurity Enterprise and Softtek’s Leonel Navarro, Global Leader in Security and IT.
The moderator, Alfredo Sastre, president of Csoftmty, asked panelists three key questions, which each responded to according to their environment.
1. What are the differences and similarities between vulnerabilities and risks and how can we minimize them?
Adriana began the discussion by providing definitions for each term. “A vulnerability is a flaw or weakness within information systems that puts data at risk. A risk is what a vulnerability can potentially manifest to.” She added that no matter the situation it is crucial for the company to have visibility of what is happening with their cybersecurity system, especially when there is a breach.
“Today’s gasoline is the information that we create,” said Leonel. Many threats are out of our control because the motive behind these threats is monetary. He went on to say that, conversely, vulnerability is within the company’s control. “Companies must do their due diligence to determine risk and establish a security strategy to manage this risk to guarantee confidentiality, integrity and availability of information systems.”
Nathan discussed the importance of implementing preventative solutions to mitigate these risks. Companies must be aware of what they are up against and as a result cybersecurity needs to constantly evolve to keep up with cyber criminals. Nathen added, “Cybersecurity is not the final solution; it is a tool that every organization should have at the forefront to achieve their business objectives.”
2. What are the key innovations for companies to detect and contain or prevent an attack?
Many companies view and understand risks differently and although there is no bullet- proof solution for cyberattacks, there are many factors that indicate a company’s risk level. Leonel discussed four of them.
- The first and most important factor is passive visibility. Many companies don’t understand the attack surface they have and therefore underestimate what needs to be protected, leading the company to experience vulnerability.
- Lack of cyber hygiene. These fundamental practices should begin with the system construction and continue throughout the harding of components to understand any weak points the company has. Leonel stressed the importance of staying up to date to know exactly where the company stands.
- Active visibility. Many companies are just beginning to understand the processes that are critical to their supply chain. By having these processes automatically correlate information, the company can then better understand regular behavior for their environment and receive alerts when abnormal activity is detected.
- Incident reporting. Every company to some extent is vulnerable; what’s more important is an organization’s ability to combat breaches.
Nathan added that there are two types of companies, young and mature. Although we continue to see headlines in the news about cyber breaches in all industries, there still are organizations who think they are untouchable and believe they are immune. This kind of ignorance costs an organization money and oftentimes their reputation.
Adriana answered the question by saying, “Security teams, if the company even has one, are overwhelmed. There are many tools and processes, but that isn’t enough. Cyber criminals are still winning many battles.” The pandemic only complicates this and brings about more cybersecurity issues.
3. What suggestions do you have to adapt to the Blue vs. Red team strategy to respond to incidents quickly?
The quickest way to respond to an incident is to have a strategy which in Nathan’s opinion is where companies have least maturity. “Prevention is important, but reaction is just as important, if not more,” he says.
Adriana added that Red vs. Blue team is needed, but it needs to go beyond that—using artificial intelligence to make it easier and more efficient for humans.
Leonel answered the question by saying that technology has advanced tremendously, a lot of the decisions that are made related to cybersecurity depend on the industry and organization maturity. “Many companies have already experienced a breach and know full well the impact they have to their supply chain, so they decide to manage risk and invest... they know the impact of a cyberattack can be significant. Those companies are then consuming Red and Blue team services.” There are still many organizations out there that don’t see the importance of cybersecurity and therefore don’t invest in Red or Blue teams or enough preventative technologies in general. Although as a whole we are moving forward with understanding the importance of cybersecurity, there is still a lot of work that needs to be done.
Cybersecurity is becoming an important topic of concern for companies of all industries and sizes. Fortunately, there are many useful tools and services that help companies mitigate risks and security breaches to keep their information and those of their customers secure and protected. The moderator, Alfredo Sastre, closed the panel discussion with an excellent analogy, “Cybersecurity is like a big puzzle; we may not know what the end product will look like but the more pieces we add the clearer it becomes.” Companies need to stay one step ahead of malicious cyber criminals, so they don’t become the next target of attack.
To get full insight, watch the panel (Spanish language).
