Latin America. Digitization and remote work have exponentially increased the risk due to the use of insecure connections, the use of personal devices and the disappearance of the perimeter. Now cyberattacks are increasingly aggressive, numerous, sophisticated, specific and targeted at employees, which is causing greater financial, social or reputational damage.
The challenge for Latin American organizations is not only the training of their workers to provide them with the necessary knowledge to prevent cyberattacks, but also to implement advanced security systems that intervene before employees have to make a decision.
According to the report "The Global Risks Report 2022", prepared by the World Economic Forum (WEF), 95% of cybersecurity problems have their origin in human error. Likewise, the WEF stated that 43% of cybersecurity incidents produced in companies have their origin in internal threats, intentional or accidental.
Oswaldo Palacios, Senior Account Executive for Guardicore (now part of Akamai), mentioned that employees continue to be a weak point for organizations and not because they consciously want it but that remote work has opened a door to cyber threats that were not previously considered or contemplated because computers did not leave companies. "There are several risk factors in IT operations, from the processes of access, protection and availability of information, to the correct execution of them but almost always cyberattacks are based on social engineering, that is, taking advantage of the naivety of the user", he added.
The Labor Outlook Report 2021 Latin America and the Caribbean prepared by the International Labor Organization (ILO) highlighted the low levels of adoption of digital technologies in the vast majority of small and medium-sized enterprises (SMEs) in the region associated, among other factors, with the lack of basic technological absorption skills (human resources, managerial and organizational skills) and investments in complementary assets that allow taking advantage of new technologies. Additionally, this research also highlighted that SMEs face, in relative terms, high risks in terms of security and privacy due to the lack of information, resources and expertise in the field.
According to the Guardicore expert, traditional perimeter firewalls designed for north-south traffic cannot deliver the control and performance needed to protect today's applications and dynamic workloads in organizations. "Technically, enterprises can use firewalls within the perimeter to implement a layered security model, but it is impractical for most enterprises due to the expense and amount of time required to configure and manage the necessary policies. As a result, today's enterprises need a better way to defend large volumes of east-west network traffic against cyberattacks".
The threat landscape and tools criminals use change too quickly, so it's ideal for technology to intervene before employees have to make a decision. In that sense, Oswaldo Palacios mentioned that Microsegmentation technology is an essential protection mechanism to stop the spread of malware within an organization. In fact, the White House in its statement "What We Urge You to Do to Protect Against the Threat of Ransomware" recommends Micro-segmenting networks, as it is one of the most effective ways to protect digital assets; by reducing the attack surface and encapsulating a threat, we can respond easier and faster to a contingency or even a zero-day attack.
The director of Guardicore (Akamai) stressed that Microsegmentation has three extremely important advantages:
1) Visibility. It is possible to see and control communication processes and clearly understand what the dependencies and traceability of applications are, having this visibility at layer 7 level we know exactly who is talking to whom.
2) Execution. A Microsegmentation tool allows us to make decisions based on the visibility at the process level that we are obtaining, with which we can create micro perimeters and any threat that leaks into our IT environment will be quickly detected and mitigated.
3) Security. By achieving the previous points, we can "reach" a zero trust scheme (Zero Trust) since now we understand 100% the behavior of our applications and who is accessing them, from where and at what time, with a granularity at the process level that is not had with elements such as Firewalls, IPS or Endpoints. "You can't protect what you don't know exists".
Finally, Oswaldo Palacios said that with the implementation of a solid, fruitful and successful Microsegmentation, organizations in Latin America will be able to counteract the effects of suffering some cyberthreat derived from human errors or malicious intentions of their employees.