Interview with Nuno Cândido, Cloud & Security Associate Director at Noesis
Moments of crisis lead us to take giant steps that help us in the present and bring benefits to the future. Has the crisis caused by the Covid-19 pandemic had similar effects on the cybersecurity market?
Due to the effect of the pandemic caused by Covid-19, more organizations have gone into survival mode and reinvention of the way they work, their offerings, their business models, and how they reach their end customers. In parallel, there was a hyper-acceleration of the digitization of the economy, which brought new challenges in terms of security. The growing development of multi-cloud environments has expanded the cyber-exposure, the number of points of failure and the vulnerability of networks and settings, which cybercriminals have been quick to exploit in various ways. That's why organizations must refocus on their security architecture. It’s necessary to change the paradigm and adopt strategies to strengthen digital trust, involving attributes such as risk, regulatory compliance, privacy and business ethics. The evolution of cybersecurity solutions has accompanied the change.
The introduction of Artificial Intelligence (AI) has contributed to creating a new approach to traditional solutions, as new ones focus on looking for abnormal behavior and pattern analysis, rather than the search for malicious behavior. In addition, they add analytical capacity and exceed the limits of human ability. They are also a response to the attacks themselves, which are increasingly complex and sophisticated and use artificial intelligence. Being able to analyze information, and eventual anomalies, without the overload of human resources, is one of the perspectives that assisted intelligence allows us to achieve. With less effort, it’s now possible to monitor, in a complete way, the networks, and act in real-time on the external or internal threats that affect organizations.
What have been the main problems, in terms of cybersecurity, that Noesis has been seeing in the markets where it’s active? What are the causes?
Between February and March 2020 alone, for example, there was an 84% increase in the number of security incidents reported in Portugal. In total, this value grew 150% compared to the previous period. The digital acceleration has contributed to the exponential increase in cyberattacks and it’s now materially impossible to claim that a company is 100% prepared and protected. One of the significant problems facing organizations today in terms of cybersecurity is the inability of their IT teams to be up-to-date on these issues and to respond to growing threats. In addition, not all organizations can create specialized teams and there is a shortage of qualified professionals in the market. All this has contributed to increasing the vulnerability of organizations. But, at the same time, it’s also an engine of innovation in the market, with suppliers and manufacturers looking to develop solutions that ensure safety while optimizing human resources intervention.
When companies increasingly demand instant access to applications and data, what are the main constraints to the development of remote work by companies and their people?
The adoption of telecommuting has made it difficult for companies to secure information. In the last two years, organizations, with their offices closed, have been forced to adapt their methods, forms and workspaces, betting heavily on technology and a remote work model, which is here to stay. As many of the collaborators followed models of face-to-face work and were decontextualized from the digital world, the shift to telework, due to the pandemic, forced them to challenge themselves to learn how to use new tools and techniques. But the implementation of solutions such as telework goes far beyond day-to-day scheduling tasks in a chat, or a video call meeting. It also includes measures to keep teams engaged and in tune and provide each member with all the tools needed to perform well, from cloud storage and management services, computer security services (anti-phishing protection) to applications capable of creating a centralized system and integrated information-sharing environment.
What are the solutions to ensure that the digital universe does not stop and the data of people, public institutions and other organizations, and companies remain accessible and are not destroyed?
We’re living in times of solid digital acceleration, in which everything and everyone is connected and data sharing is increasing. In addition to facilitating people's daily lives and the day-to-day life of organizations, this development has also increased the complexity of systems, applications, networks and devices. At the same time, it contributes to the degradation of their security. Therefore, organizations must develop a culture of cyber defense, starting from the premise that they will one day be attacked. It should involve everyone, including its CEOs, and always focus on cooperative work between the organization and its cloud and technology vendors. It’s necessary to ensure discrete security capabilities of vendors and holistic about the specificity of IT architectures that allow risk to be minimized and the impact of cyberattacks to be mitigated.
In technology, organizations are increasingly investing in the application of backup & restore procedures, Endpoint Detection & Response (EDR) and Mobile Device Management (MDM) solutions and the implementation of Multi-Factor Authentication (MFA). However, implementing technology itself does not guarantee a sustained increase in security resilience. Therefore, it’s essential to build a strategic plan that defines governance, responsibilities, processes and technology across the board.
In cybersecurity, protection is as strong as its weakest link, a role often attributed to the human factor, by the difficulty in defining or applying security measures. What are the leading steps to reduce the risk of the human element?
Phishing is a very present threat, increasingly sophisticated and worrying. It’s therefore essential that organizations are increasingly attentive and prepared for this type of attack. At the individual level, increasing employees’ attention when they respond to emails or access information is necessary. It is fundamental to define some steps that help organizations and, consequently, their employees, reduce the risk of cyberattacks. Organizations can and should perform simulations of attacks, such as phishing with their employees, assess their level of preparedness and attention for possible attacks, and prepare everyone to deal with real threats as best they can.
Published (in Portuguese) in Exame Informática