The Internet is a double-edged sword. Thanks to the fact that it has been able to use it, society can access practically all the existing information by 'clicking' on a screen; however, the progressive digitization has also caused us to be more vulnerable to the risks that the Internet hides; has a cybercrime that is becoming more organized and prepared. Something that was clear pending the first months of the pandemic, when many workers began to type from the living room at home, increasing the exhibition surface of companies and administration. Now, with the war in Ukraine, all experts expect cyberattacks to pick up internationally; although, for the moment, they continue to be focused on the two opposing countries.
Aware of the importance of the moment, the Vocento group and CIONET, the great community of digital leaders in Spain and Latin America, have joined forces in holding the 'Cybersecurity: the great challenge' forum.
Space, sponsored by Siemens and Zscaler, and which has been focused on the analysis of a sector with high added value and oriented towards internationalization, such as cybersecurity.
“We live in a changing global scenario in which the cybersecurity sector must find solutions to these new challenges and guarantee the security of users, institutions and companies”, made clear Carme Artigas, Secretary of State for Digitization and Artificial Intelligence of the Government of Spain, during the opening of the forum. Artigas highlighted that, since the start of the pandemic, attacks directed against companies and administrations have not stopped increasing.
In 2021, according to Deloitte, 94% of national companies suffered serious incidents. The annual means of cyberattacks increased, specifically, by 26%. However, the secretary of state pointed out that "despite the risks", the progressive digitization represents a great opportunity for the Spanish economy. And to succeed in the effort, defense must be one of the keys. “We must create an environment of trust that helps secure the technological transformation. The transition will be positive. There is no such thing as zero risk, but we have to continue betting on a more digital Spain”, explained Artigas.
All the speakers who took their seats at the two discussion tables that the forum has consisted of, and who have been moderated by Yolanda Gómez, deputy director of ABC, and Juan Carlos Fouz, managing partner of CIONET, made it clear: “The Total security does not exist on the Internet. However, it is also clear that the situation in our country in terms of cybersecurity is reasonably good, and that we also have well-qualified professionals in this field. Although they are scarce.
Alerted by Ukraine
“As a country, we are exporting talent abroad. It is true that we do not appear in the rankings of the best universities, but the possibility of receiving good training in cybersecurity in Spain is one of the best in the world. We are above the average of our environment”, explained Javier Ramos, rector of the Rey Juan Carlos University and president of the Conference of Rectors of Madrid Universities (CRUMA). Not in vain, our country ranks fourth in the Global Cybersecurity Index 2020. But this does not imply, however, that everything is perfect.
This has become clear with the recent attacks against large companies and the public administration in Spain, such as the incidents suffered in recent months by the SEPE, the Ministry of Labor or Iberdrola. The first two institutions were affected, precisely, by the attack that could do the most damage to the proper functioning of a company: 'ransomware', capable of paralyzing computers and stealing internal information and that each year generates losses of billions of dollars. euros “We are in a very aggressive situation on the Internet. Actors can enter with malicious programs. Organized crime understands cyberspace as another platform,” Karen Gaines, Global Head of Cyber Defense at Siemens AG, said during the forum.
Now, the invasion of Ukraine has caused many western states to prepare their systems to avoid possible attacks from Russia. Javier Candau, head of the Cybersecurity Department of the National Cryptologic Center, questioned about the situation, warned about the importance of being unemployed for what may happen soon. “Cyber attacks between the two countries have not yet spread to the rest of Europe. Something that could change soon. What we are doing is being on alert. Agencies have been advised to improve their security measures and we are very vigilant about what might happen,” he said.
Key to not miss the train of transformation
Awareness about the risks on the Internet has warned, both within the national administration and private companies. However, all the speakers pointed out that there is still room for improvement and, above all, a lot of work to be done. Especially in these times, in which the technologies that we use in our day to day change constantly. This is demonstrated by the great commitment it is making to the development of new tools such as the metaverse, the autonomous check or Artificial Intelligence.
“We are moving towards new security perimeters. We are forecasting how new attacks are going to develop in these environments,” said Enrique Ávila, director of the Civil Guard’s Analysis and Prospective Center and director of the National Center of Excellence in Cybersecurity.
Likewise, attention was drawn to the importance of increasing and improving the training of professionals in charge of cyber defense. He also highlighted the importance for companies and institutions to consider investment in cybersecurity as something necessary; At least, if you want to walk the path of digital transformation without suffering setbacks. “Without a budget, there is nothing. There is a lack of human resources, although there is a lot of talent. We cannot lose the bandwagon of digital transformation. This should not cause fear, but cybersecurity must go ahead”, said Esther Mateo, general director of Security, Processes and Corporate Systems of ADIF.
“Ransomware attacks cost $20.000 billion a year. An incidental average of 3,6 million and about 8 months of recovery. Either we look at the value that cybersecurity can have or we will not be able to move forward, ”said Raquel Hernández, Zscaler Regional Director for Spain and Portugal.
Obviously, it is also important to continue working on developing the security knowledge of all users. Something that significantly limits the risk of suffering a security incident. To this end, the experts valued the role played by the National Cybersecurity Institute in training and raising awareness among Spaniards. Likewise, the help that a tool such as 'gamification' - learning through games - can offer in this endeavor will be highlighted.
