Emails with sensitive content that should be deleted but are still on the network; Large organizations with part of their databases leaked on the Internet; Reputation Crisis Committee members who pass information via WhatsApp, or to collaborators who should not have it; Smear campaigns; Lack of a protocol for managing the impact and communication internally and externally when a breach in the digital wall occurs. In her 17 years of experience, Silva Oregon, a forensic expert specializing in digital identity, reputation and cyber investigation, has seen many risk practices and only three companies – multinational corporations specifically – want to truly work on prevention. “The majority only respond when they are exposed to a serious incident, in their homes or in their immediate environment,” he reveals.
Javier Calahorra, Chief Information Security Officer from BBVA in Spain, agrees to highlight the importance of prevention. The ocean to be protected, traditionally physical, has grown into the cloud, and is no longer a closed border, but a fluid one. María Jesús Almazur describes, Chief Operating Officer Telefónica Tech for Spain and America. In his opinion, it is no longer enough to simply prevent anything from happening, but rather the detection and response capabilities must be expanded. “Any company is vulnerable to attack; some of us may be more attractive than others, but no one survives,” warns Calahorra. “Are we prepared?” is the question on which the second roundtable of the day, organized by the hubs EL PAÍS and BBVA, focused on The company, with a special focus on small and medium enterprises. “The trend is good, but cybercrime continues to rise. “It’s at the forefront,” says Maika Aguilar, director of identity, compliance and cybersecurity culture at Ferrovial. “You’ll never be 100% ready, but a lot of progress has been made,” says Almazur of Telefónica Tech.
Human factor
Silva Oregon asserted that the human factor is the reason behind many security failures that occur in an organization, intentionally (filtering and selling data), negligently (using a less-protected personal computer to answer a work email), or as an error. victim Phishing, Phishing – When communication is via WhatsApp – and a whole series of increasingly sophisticated scams. In any case, “it is difficult to control,” he admits. Aguilar defines cybersecurity as a “long-distance race” involving technology, processes, and people. While the first factor has picked up speed, the other two are progressing “at a pace that is not as fast as we would like,” he admits. Although it is true that the speed of its adaptation will depend on keys such as available resources, whether the company is migratory or digital (e.g. Start-ups), the digital maturity of the sector or activity, or its regulatory framework.
At this stage, security breaches appear, and they are windows of opportunity that he exploits.”the wicked“To break down digital defences,” Calahorra recalls: “We played defense against attackers.Adopted early“, he calls them. “I think the main risk any organization faces is not knowing its security posture well; Al-Mazur insists that the security plan must be part of the strategic plan. This is something that does not happen again in the majority of medium and small companies, even though they are the ones that suffer from 70% of cyber attacks. “Businesses know they cannot survive without digital security,” Aguilar says. All you have to do is look at the growth rates of this market, which range between 10% and 15% per year, depending on the analyst you consult, explains Ricardo Sanz, Director Cybersecurity business In evolution. Until it reaches 2,130 million euros in 2023 in Spain alone, according to expectations from the International Data Corporation (IDC).
Investment is being made in infrastructure, new solutions and talent that is in short supply. “In SMEs, it is more clear,” says Almazur, who strives inward and is committed to establishing alliances with SMEs. partners Specializing in cyber security. It doesn’t take long for the need to attract female talent to emerge: “There are only 12% of women in so-called STEM careers,” she recalls. And also using public-private collaboration to enhance training and increase the number of profiles potentially employed in a growing sector. And to exchange information, between departments and between companies, “even if they are competitors,” says Aguilar. “We broke down that kind of barrier,” Sanz says. “Knowing what happens to others helps you,” Calahorra asserts. “I am pleasantly surprised by the collaboration and communication that exists in the cybersecurity sector,” says Aguilar. In Almazur’s opinion, continuous training and collaboration are synonymous so that cybersecurity solutions can keep up with technological change.
Guarantees in secure and flexible environments
sergio salvador, Head of Engineering From BBVA in Spain, the expert forum held by EL PAÍS and BBVA concluded with the message that cybersecurity is key to “ensuring the integrity and confidentiality of information”, creating secure and resilient environments, giving confidence to citizens, consumers and businesses, and protecting privacy. The World Economic Forum was quoted as saying, “Cyberattacks are the fifth risk factor for economic stability and global security.” He concluded: “We should not be afraid of technology, but we must know the risks, and know how to protect ourselves.”
Follow all information Economy And a job in Facebook And sor in our Weekly newsletter
Five-day agenda
The most important economic quotes of the day, with keys and context to understand their scope.
Get it in your email
“Beeraholic. Friend of animals everywhere. Evil web scholar. Zombie maven.”