Latin America. "Organizations of all sizes and verticals need to have enough tools to measure the real state of cybersecurity in their companies. The new reality indicates that companies now have a greater exposure to cyberattacks, as a result of the adoption of modalities such as the home office. Faced with this reality, CISOs must measure commitment intentionally and continuously, as the only answer to know when and how their IT assets communicate with malicious infrastructure," said Ricardo Villadiego, CEO and founder of Lumu Technologies.
1. Companies will break with the SIEM (or at least try): Traditionally the SIEM (Event Management System and Security Information) have been a permanent element of cybersecurity for more than two decades, but in the face of new technologies that facilitate their life, the teams of the SOC (Security Operations Center), they will begin to wonder whether this system deserves to remain the main part of their operations.
2. Hybrid work models make cybersecurity an even greater challenge: With teams moving from the office to the home, security operators have to monitor an even broader and more dynamic threat sphere, as well as a greater number of tools that introduce additional vulnerabilities. Therefore, risk visibility will be more necessary than ever.
"The digital transformation led us to implement different levels of outsourcing within organizations to meet a new structure of collaborative work. Today the use of products, services and data management with allies has spread. An important challenge for next year in organizations will be to extend the control of cybersecurity risk to all employees", Carolina Olarte, Ciso of Lulo Bank for Colombia.
3. A cybersecurity talent war is coming: Companies will compete for specialized cybersecurity talent, which will raise standards and further reduce budgets. Tools that make SOC teams more efficient with fast learning curves may be the key to helping companies cope.
"CISOs have the challenge of promoting the need for training and awareness in all the people who have access to the organization, it is useless to increase protection tools, if then the person shares their username and password, here the security schemes are broken", Armando Castillo Corporate Manager of Information Security and Cybersecurity of the Pichincha group.
4. Small and large organizations adopt automatic threat response systems: One way to be more efficient is to automate routine and time-consuming tasks in cybersecurity. For this, integrated tools and coordination between people and technology will become increasingly important for companies large and small.
5. Cyber insurance becomes inevitable: Although some governments are forcing organizations to purchase cyber insurance, insurance companies will be more selective about coverage conditions. Organizations will have to demonstrate a strong cybersecurity practice or else they will have to pay higher coverage rates or not have the expected coverage.
6. The adversary builds new alliances: Cybercriminals form new partnerships with those who can facilitate access to the network. Employee engagement will increase as the adversary agrees to share the profits.
"Regularly what organizations do when there are cybersecurity attacks is to close the gaps, but we must also look for ways to integrate collaborative structures between peers, organizations, government institutions. Criminal gangs have improved their ability to affect and now concentrate on the ordinary citizen and from their lack of training access to companies, "Víctor Morales Ciso of Banco Azteca Mexico.
7. Small- and large-scale ransomware campaign attacks: More traditional data hijacking methods will target smaller targets, such as desktops, with smaller payments, but on a larger scale. The increased availability of initial access, malware (malicious programs), as a service and ransomware chains will make new actors enter the game of cybercrimes.
8. Ransomware gangs launch stealth attacks: After some high-impact attacks in 2021, specialized data hijacking gangs such as Darkside and Revil disappeared, largely because the responses of government protection organizations intensified. Large attacks will make use of zero days and seek to infiltrate covertly and quietly obtain payment.
"The speed and frequency of these acts increased and we must be preparing and not thinking that we will be able to stop a cyberattack in a company, but rather that we must be prepared to receive it, and respond effectively, so that it is assumed as any other type of contingency within the organization, Pedro Adamovic, CISO of Banco Galicia in Argentina.
9. Supply chains, and internal staff, become the weakest links: Western supply chains have been shown not to be particularly resilient. A compromise that allows criminals to access a large number of victims and circumvent defenses will be too good an opportunity to pass up.
10. Visibility becomes the anchor of cybersecurity operations: As mature cybersecurity systems evolve to reduce attacker dwell times, network visibility will become the key to not only quickly detecting compromises, but also obtaining the information needed to eradicate threats quickly and accurately.
"Companies must be able to make threats visible and isolate confirmed instances of commitment. CISOs need to know where their organization has the lowest performance of technologies and what are the opportunities offered by the industry to be more efficient. Today the threats are a reality and the consequences are already being experienced in the countries of the region," concludes Germán Patiño, Vice President of Sales for Latin America at Lumu Technologies.
Leave your comment