The major cybersecurity challenges against a backdrop of increasing technological attacks
Cipher, Prosegur's cybersecurity firm, is increasing its operational base and its response arsenal to offer potential customers protection designed in the same way as a tailored suit.
According to the editors of corporate newsletter Security Magazine: "The question right now is not whether or not a company will suffer cyberattacks, but when they will suffer them" It may sound like a bit of a pessimistic prediction, but the facts speak for themselves. As asserted by British technology spokesperson, Bernard Marr, "with the digitalisation of our economies, a process as irreversible as it is very beneficial, generally speaking, we have opened doors and windows through which cybercriminal activity can slip".
One of the most striking forecasts made by strategic consultant Gartner for 2023 reflects this: before the end of the year, more than 43 billion devices will be connected to the Internet of Things (IoT), approximately five per human being. The more the online side of our societies grows, the more exposed we are to technological threats. In this expanded field of play, Bernard Marr emphasises "the challenge of consolidating the culture of working remotely. Also, at a geopolitical level, the presence of "international attackers sponsored by certain aggressor states directed at both governments and companies."
The cost of growth
In response to these attacks, cybersecurity experts are developing a range of defensive resources using artificial intelligence, in what Marr describes as a true "arms race" against hackers and other technological aggressors. This means an increase in costs for those on the side of the law: it is estimated that the volume of the AI-based cybersecurity market will come to more than 130 billion euros by 2030.
In the medium term, as soon as this technological pulse stabilises, vulnerability will mainly be attributable to human factors. Attacks will be based very particularly on so-called "social engineering", which is how we refer to exploiting individual user's fears, insecurities, imprudence or ignorance, tricking them into sharing log-in passwords, disclosing valuable information or installing malware on their devices.
How to survive a scam
In the words of Carlos Fernández, Senior VP of Global Services at Cipher, the Prosegur Group's cybersecurity firm, "companies are opening new channels and trying to reach new markets." This "provides great opportunities, but also generates risks." This is a very broad type of threat, ranging "from the incapacitation of systems to information theft or the sale of intellectual property."
These risks cannot be underestimated. As Fernández points out, "a flood at a plant is as dangerous as having your computer network brought to a standstill." Some companies have an internal resilience that allows them to adequately protect themselves, while others need to resort to specialist help, as they are exposed to serious damage and even "to completely disappearing".
Three major challenges in the near future
When it comes to cybersecurity firms, Fernández believes that the current scenario poses a triple threat: "Visibility, because our customers often do not know what their assets are, where they are deployed and how they are set up. Technological fragmentation, as digitisation and expansion through new channels has brought a wide range of new players who produce very specific pieces of software, leading to a significant dispersion from a technological perspective. And finally, a lack of talent."
This third threat could be in the process of being resolved, although there is still a long way to go: "Estimates suggest that we will lack half a million professionals over the next couple of years." "Chairs are being created at universities as well as specific training plans, but we are still in need of these professional profiles." That's why Cipher is committed to searching for and actively promoting talent at the four company's four centres "in Spain, Portugal, Brazil and the United States".
Cipher has faced these challenges by "creating a 100% internal platform." As it was unable to find the tools that would allow the companies to which it offers services to design a tailor-made suit, when it comes to cybersecurity, this Prosegur division chose to develop it internally, positioning it at the core of its XMDR security services [standing for what could be translated as "extended detection and response management capabilities"].
Cipher's comprehensive response is structured around on a very robust technological base, which includes, based on Fernández's description, "machine learning, artificial intelligence and advanced search algorithms". All of this within the framework of what Fernández describes as "Prosegur's unique value proposition, which consists of combining traditional security with the innovation being generated at the company". A hybrid security model to safeguard digital assets with a level of competence, responsibility and rigour equivalent to that received by people and physical assets.