Situation photography
The fundamental guidelines that have determined the evolution of Cybersecurity management in any organization involve four challenges to overcome:
- Constant growth of areas of possible attacks.
- Multi-distribution of data across different platforms, services, applications and Cloud.
- Lack of professional profiles specialized in this area.
- We tend to focus on analyzing our strength against external attacks when more than half of the cybersecurity incidents have internal users as their main actors (attempts to install unauthorized software, deactivation of security elements and even attempts to execute cryptomining actions).
We have built proposals with the link of products/suppliers and services (both our own and third-party), each with protection capabilities against incidents, which make the management of these extremely complicated, as well as with increasingly unbearable costs. Failure in any of the links in each chain compromises the rest and its connection with other environments. For this reason, the need to understand Cybersecurity as a matter of shared responsibility is extended.
The cloud, together with connectivity networks and their constant growth, are not only a destination but also a determining point for the expansion of our Cybersecurity capabilities.
Threat Vectors
Security vulnerabilities are increasing dramatically year on year. This increases the difficulty of companies having dedicated resources to tackle this task.
The supply structure itself (increasingly complex with chains of collaborators, subcontracting and requirements imposed by manufacturers) makes it necessary to place a specific focus on third-party security management.
Attacks originating from within organizations have skyrocketed in the last year. Employees themselves, whether through negligence or ignorance, are a key vector in attacks of all kinds.
Phishing and Ransomware attacks are the new global pandemic. Every 20 years a new phishing site appears and the profile of cybercriminals is moving from having a great deal of experience and knowledge to developing malware toolkits that they make available to other cybercriminals and their share of the profit is indexed to the “ransom” obtained.
An increasing number of States are showing hostile attitudes when carrying out attacks or financing them (including through militarized organizations or cybercrime professionals).
Whose responsibility and for what?
Objective
Achieve secure operations as a protection and business continuity mechanism for each company.
The role of a CISO is not to arbitrarily establish control systems and operating limits. The focus of its content is more on the task of orchestrating elements and involving all the people in the company so that Cybersecurity is an inherent element in the performance of the activity of each of the components of that organization. Awareness in this regard must be understood as a formally established requirement for the operation of each job. Without timely and periodic training in this regard, what we will do is leave a fundamental front of vulnerability open to incidents.
The various actors involved (each according to their role) must be responsible for their share of responsibility and guarantee of operation.
When we talk about “actors” we refer to any party involved in the use of the company’s Technology, whether they are service providers, product providers, users, support, etc.
We must demand from our suppliers a detailed breakdown of their part in ensuring that what they sell us meets the most demanding levels of cybersecurity, in addition to constant updating of the improvements that are incorporated into their products, either from the source or in their life cycle.
In summary
Have a proven and sustained chain of trust over time that affects each and every element and component of your proposal.
Our users must be made aware of the importance of their participation and responsibility, not only at the level of loyalty but also in maintaining continuous training and quality in their performance.
Above all, in a hybrid cloud platform it is necessary to determine very clearly who is responsible and for what.
The current focus in companies is more geared towards creating a culture of establishing proven security habits.
The lack of resources that we currently have in this area of cybersecurity also has a direct impact on this area. The current focus is more on creating talent generation programs than on competition between companies to recruit talent.
The near future. How do cybersecurity managers see the evolution?
Rising Scenarios:
Increasing risks of supply of counterfeit or malicious components that impact production environments, with a special focus on IoT and communications elements.
The growing emergence of cybercriminal “marketplaces” offering “packaged” services will multiply the attacks that occur in the future.
New regulations focused on determining the personal liability of Cybersecurity Directors if they fail to report incidents in which they are involved or do not comply with certain standards for safeguarding regulated information and data.
This will also involve and affect the Management Committees of companies, which are increasingly subject to scrutiny in the monitoring of these business protection tasks.
Budgetary pressures due to the growing costs in this area will require Cybersecurity teams to devote themselves exhaustively and determine priority tasks.
The impact of the exploding Artificial Intelligence (AI) and Quantum Computing. Topics of Quantum Cryptography for data protection and machine learning for security will emerge.
Technologies such as SASE and SD-WAN together with zero trust will be an essential part of the constitution and development of effective control mechanisms.
Insurance companies will develop a broader catalogue of proposals for coverage against cybersecurity incidents.