Cybersecurity: be aware of the dangers and invest in protection

We are currently experiencing a major dilemma. On the one hand, there is a huge demand for high-performance computing services, which span multiple industries and verticals. On the other, many of these companies still don’t have adequate support teams responsible for 24/7 monitoring of the various vulnerabilities to which the organization may be exposed. The learning and adoption curve needs improvement; companies believe it won’t happen to them and that there’s no need to invest.

In the framework of International Computer Security Day, it’s imperative to remember that both the company and employees are responsible for having policies and protocols in place to achieve optimal cybersecurity.  That’s why education in cybersecurity is key to a company’s technological health. Reality has shown us time and again that an attack can cripple critical areas of the company, causing millions in losses. 

Phishing, ransomware, social engineering attacks, supply chain and cloud attacks, online identity forgery, and DDoS (Distributed Denial of Service) attacks are the main vulnerabilities we see more and more often. This is why cybersecurity in organizations involves a series of measures and precautions to protect the company’s systems, networks, and data against potential cyberattacks and threats.

Increasingly, companies and organizations depend on technology and digital connectivity to carry out their productive and commercial operations, leaving them vulnerable to cyberattacks, whether through data theft, interruption of services or destruction of information. It is therefore essential to have cybersecurity strategies in place to protect the integrity of information and safeguard reputation and business continuity. 

Having a strategy is key, as it establishes a comprehensive plan to identify, prevent, and mitigate the risks related to cyberthreats. To develop it effectively, some crucial actions must be adopted: 

Self-assessment

Carrying out a risk assessment (critical assets, possible threats and vulnerabilities) and being prepared internally against potential incidents is vital. Also, security policies should address the access to systems and data, passwords, the use of personal devices (BYOD), awareness, and training. 

Platforms and Forecasts

Here, we must pay special attention to access management, different updates and patches, firewalls and antivirus – always remembering to encrypt data. 

Detection and response

Once a breach is detected, monitoring is key to detect suspicious activity. Early detection can help mitigate the impact of an incident. After a cyberattack, you must identify, contain, eradicate, recover, and learn from what happened. Also, don’t forget to have mechanisms in place for backup and recovery. 

Regular audits

Carry out regular audits and avoid feeling safe or complacent. It’s important to keep up to date with legal compliance, collaborating closely with cybersecurity experts.

Faced with this scenario of latent vulnerabilities, it is imperative that companies seek the advice of experts in managed solutions and, at the same time, promote digital education campaigns to raise employees’ and users’ awareness of cyberthreats and the damage they may cause. The overall idea is to cover three fronts of action: end-user devices, access to the network, and cloud applications and services.

Finally, it is key to underscore that a cybersecurity strategy must be tailored to the specific needs and characteristics of each company and be subject to continuous assessments and adjustments to address potential new threats. Being always ready seems to be the watchword today, more than ever.

Author:
Ricardo Pulgarín Gómez
Senior Security Solutions Architect
Cirion Technologies

Information security: a multi-dimensional challenge

The future of business is built on data. A few years ago, this statement might have been labeled as exaggerated; however, it’s very descriptive in the age of digital transformation. By the same token, poorly protected data represents a risk for the entire organization. Therefore, we can say that the numbers detected by IDC and presented at Cirion Forum’s latest edition in Buenos Aires are reasonable: 38% of the main IT initiatives in Latin America are linked to information security.

The road to a cyber-secure company, albeit necessary, is also a multi-dimensional challenge. 

The main one is driving greater information security education within companies.  Historically, an organization was more likely to worry about its security after experiencing an incident.  When looking at the daily volume of attacks, we can infer that it is even more likely that every company has already experienced one.  This is why it’s time to shift paradigms, starting by feeling vulnerable and deploying the best protection models possible. 

Leaks may occur as a result of bad decision-making based on erroneous information.  A common example: many organizations think that hiring a public cloud service solves their problem.  While it’s true that the large cloud providers offer security and excellence and comply with the sector’s main international rules, this primarily includes the infrastructure level.  This means that companies don’t think about end-to-end protection for their data, which exposes several gaps.   

Additionally, other weaknesses appeared as a consequence of the pandemic.  The accelerated digitalization taking place at the time often pushed security aspects to the background. Systems had to be moved from premises to the cloud to keep organizations operational, but there was neither time nor resources to conduct detailed analyses of the security gaps revealed.  In this sense, there is now a greater level of awareness regarding this issue and new projects tend to consider information security as early as in conception. 

Talent deficiency 

Another strong impact on security is caused by the resource gap. IDC states that 85.5% of Latin American companies face difficulties in finding personnel with the appropriate skills, and 47.3% count on only one specialized cybersecurity resource. Therefore, the presence of a technology partner is key, bringing knowledge, updates, and experience that would be difficult to find internally.

Finally, emerging technologies present a new challenge: artificial intelligence (AI) is a double-edged sword.  On one hand, it is a key ally for automating and predicting zero-day attacks, new vulnerabilities, exploits, and other threats which can represent an impossible volume of information to be digested by a group or groups of analysts.  By using AI for detection, experts can tackle deeper issues.  However, this same AI is being used by attackers to perfect their strategies. 

There are obviously many challenges, but the goal should always be the same: implementing a layered, end-to-end strategy that protects access, the increasingly remote connectivity of users (with “zero trust” strategies), APIs and, of course, the traditional perimeter, with state-of-the-art firewalls. To do this, the first step is to understand the business, its needs, its vulnerabilities and its risks, and understand the complete trajectory of data and applications. This is the only way to maximize protection and reduce the attack surface.

Author:
Pablo Dubois
Regional Security Product Manager
Cirion Technologies

Digital infrastructure and physical data security: understand best practices

Information security has been a widely debated topic throughout past years, if not decades. Since the second half of the last century, business models and even people’s lifestyles have become increasingly dependent on electronic equipment and digital information.

Practically everything we do today leaves a trail of bits and bytes which can be used positively or negatively. For companies, this data becomes a critical asset and losing it may even cause a company to shut down its activities.

This naturally creates many concerns in terms of ensuring information security, whether for protecting businesses or people.  Movies and news reports put great emphasis on logical data protection, frequently showing hackers in a glamorous fight between good and evil.  Terms such as BCP (Business Continuity Plan) and DR (Disaster Recovery) are discussed within companies. 

However, a warning is in order! In day-to-day business, physical protection is as important as logical protection, although this topic doesn’t usually receive its due attention. 

What is needed to ensure the physical security of information? 

Physical security of information aims to ensure continuous operations, access control, and environment resilience. Digital infrastructure must respond adequately and protect its data based on the following principles: 

Environmental security: Directed at protecting equipment from natural incidents, such as floods, storms, earthquakes, or even human errors, such as strikes, road accidents or any kind of impact that can interrupt services due to the loss of carrier access or of capacity from the infrastructure’s operations. This includes duplication of facilities, if necessary.

Availability security: Related to ensuring redundant means for energy supply, equipment refrigeration, fire protection, and data transmission links, including IT infrastructure, such as redundancy of storage components, switches, load balancers, servers, etc. 

Physical security of the perimeter: This is to ensure that only authorized teams have access to equipment and infrastructure facilities. 

The topic seems simple and obvious, but it’s not. There are several different certifications in the market to align and ensure best practices in infrastructure security. Some are even specialized by business segment.

In terms of perimeter security only, for instance, we can expand the topic into different sub-items and processes: 

Management of access requests: With defined processes and a system for managing and storing the history of requests, it aims to ensure that all authorized access to the infrastructure is vetted and approved according to the requesters’ motives and capacities.

Authorization of entry: This is the basic entry access but depends on the previous step being well executed to specify who can receive authorization. It demands steady hands to endorse information and execute the authorization of entry correctly. 

Reception and referral: Mainly in more complex infrastructures – such as large data centers – this is the stage where visitors are received in premises and accompanied to the spot where they should work or have access.  This stage ensures that a person authorized to execute a specific service is unable to access the entire location, which might cause incidents in other places inside the facilities. 

Access control and monitoring: Biometric sensors, smart doors with volume and weight identification for entry and exit, cameras, and security teams must be used to prevent anyone – through malicious intent or human error – from removing or placing equipment in the infrastructure without proper control. 

IT equipment lifecycle control: Analyzes the expected energy consumption as of the entry request; uses IoT technologies and automation, such as RFID, to control the equipment’s position inside the data center, registering and monitoring from entry, deployment, and operation usage up to the entire deactivation process, including data cleanup and certified equipment destruction, with less environmental impact. 

How and how much to invest in the physical security of digital infrastructure? 

A safe digital infrastructure may demand large volumes of investment.  We could say that the sky’s the limit, but it will never be possible to create a fault-free environment.   

The investment in physical security, then, will be inversely proportional to the business dependence on data. To lose last trip’s photos may make someone unhappy, but it won’t cause great harm. On the other hand, losing customer and billing information may mean shutting down a business. For a legal office, spending hours without internet access can cause a lot of headaches, but only a few minutes without access generates immediate financial impact on an e-commerce business.

Therefore, the amount invested in physical security and digital infrastructure redundancies is, in general, directly proportional to the financial volumes involved in the business and inversely proportional to an acceptable recovery time. 

That is, the greater the volume of money involved, the greater the concerns about infrastructure, as can be observed in the financial segment. And the less time a business can afford to remain inoperable, the greater the concerns about security, as described in the e-commerce example.

Cost, however, is not the only impact on an infrastructure’s security. Time and experience also count. Building walls, power and cooling structures takes time. Defining processes and control systems demands a learning curve.

It may be tough to measure this time precisely as a cost, but it can be monetized as loss of business opportunities due to delays in going to market or even because of exposure to already existing business risks. 

A good way to shorten these times or adjust the cash landscape for the necessary investments in digital infrastructure is to contract infrastructure as a service from a reliable cloud or data center provider. 

These providers have facilities and processes already in operation, as well as certifications that testify to their qualifications, and a history of customers and incidents that allows them to validate and improve the necessary controls and redundancies to maintain operations at reliability levels that would be unfeasible for other ventures.  

If your IT team is still worried about understanding whether the electric generator will support the load in case of a power failure or if the LTO (Linear Tape-Open) will remain legible to recover a backup, maybe it’s time to learn more about the processes and operations of a professional data center, to help you ensure the security of your business. Cirion has the best data center structures and strict security protocols, endorsed by a series of certifications, not to mention a highly skilled team to support your company’s daily business.

Author

Heubert River
Head of Data Center, Cloud & Security Operations,
Cirion Brazil

Heubert has more than 20 years of experience in leadership positions in data center operations in critical, high-capacity, and high-performance environments. He has been responsible for Cirion’s Data Center Operation in Brazil since 2013.

He has an MBA in IT governance from USP/IPT, several technical and methodology certifications, as well as broad international experience, having led operations in more than 10 countries in Latin America, the USA, and the United Kingdom.

Five Questions on Cybersecurity

As organizations’ digital transformation advances, so do the risks of suffering cyberattacks that endanger the security and preservation of your operations and data.

The increasing use of IT solutions to manage public entities, companies, and educational institutions creates a need to strengthen the protection of these platforms, so that organizations keep control of their assets and do not become victims of attacks, fraud or misuse by cybercriminals, disloyal employees and/or malicious third parties.

These attacks can represent a severe setback for any business, especially financially and in terms of credibility, as a data breach can cause the company to lose the trust of its customers. 

1- What is the purpose of cybersecurity in companies?

Cybersecurity enables them to have a protection and defense strategy against cybercriminals that are trying to extort or discredit them.

2- What are the elements of cybersecurity?

Cybersecurity must include three interconnected elements: people, processes, and technology – all under the management of information security.

3- What are the main types of cyberattacks?

Mainly those that seek the denial of services, followed by those that deceive users, such as phishing, and finally, the ones that affect the integrity of information, such as ransomware.

4- Why is cybersecurity so important today?

Because it protects business productivity, inspires trust in customers and investors, and avoids negative impact on reputation and loss of money due to cyberattacks.

5- What cybersecurity measures should companies implement?

It all depends on the environment in which the company operates. Mainly, measures should focus on protecting 4 important pillars: data, user devices, networks, and application clouds or infrastructure.

While digital transformation represents enormous progress for organizations, exposure to cyberattacks has increased proportionally. If cybersecurity still isn’t a part of your organization’s leadership meeting, it should be.

The number of organizations that have had to face the consequences of not identifying threats in time is steadily increasing. Don’t allow your company to be another victim of cybercriminals.

Cybersecurity: thinking ahead is key

Gartner estimates that investment in information security and risk management will reach USD 172 billion worldwide in 2022, up from USD 115 billion in 2021. A security expert provides additional details and advice for avoiding attacks.

Both the pandemic and the war between Russia and Ukraine have brought new challenges to the world, including demands for more controls, monitoring, and prevention. Even the scarcity of material, such as microchips, has created the need to look for ways to reuse what you already have or send things to the cloud, which means that these will also need protection.

Pablo Dubois, Regional Security Product Manager for Lumen Technologies in Latin America, believes that as cyberattacks become more commonplace and sophisticated, companies need comprehensive security solutions to protect their critical data and applications.  

Additionally, the executive raises some topics that require further attention:

  • Training of personnel responsible for managing the company’s or customers’ sensitive data.
  • Thinking ahead, companies must do more than simply detect and prevent malicious activity; they must consider that they have already been attacked and need to anticipate the response to this situation.

That way, companies will focus on dealing with an increasingly complex framework for action.  According to an Interpol[1] report, due to the pandemic, malicious email traffic has increased by 30% worldwide, which equates to more than 1.5 million emails per day.

In a recent report by Accenture[2], we note that there has been an increase in cyberattacks in 2021, with an average of 270 attacks per company throughout the year (unauthorized access to data, applications, services, networks, or devices), representing a 31% increase over 2020. 

Lumen’s expert says that as cyber threats become more common and harder to detect, organizations need more immediate and proactive comprehensive security solutions to protect their critical business data and applications.

Dubois noted that the most common threat is malware, or malicious software, which is installed in the system causing changes to equipment, blocking network access, and enabling appropriation of personal information.  An example is Phishing, or identity theft, which seeks to steal sensitive data, usually through emails. 

The executive adds to the list interception attacks such as Man-in-the-Middle (MitM), also known as eavesdropping, usually carried out by criminals using a public or insecure WiFi network to secretly access and control devices and steal or capture confidential information.   

It is also important to consider denial of service attacks (DDoS), i.e., attacks that are capable of breaching multiple devices and damaging the company’s system by saturating the network to prevent it from concluding processes and requests.  Lumen’s latest 1Q22 DDoS report shows that of the 500 largest attacks in the first quarter, 97% targeted the Telecom, Gaming, Software and Technology, Hosting, and Government verticals. 

In all cases, says Dubois, companies are vulnerable to cybercriminals who demand ransoms ranging from a few dollars to thousands or millions of dollars to let them recover their information.

For Lumen Technologies’ Regional Security Product Manager for Latin America, IT security is still a pending issue that requires the creation and development of a smart and automated ecosystem to respond to threats immediately, seeking to maintain and ensure operational continuity.  

Dubois emphasizes that we need to be continuously alert and one step ahead in terms of cybersecurity measures.   

[1] https://www.interpol.int/es/Noticias-y-acontecimientos/Noticias/2020/Un-informe-de-INTERPOL-muestra-un-aumento-alarmante-de-los-ciberataques-durante-la-epidemia-de-COVID-19
[2] https://www.accenture.com/_acnmedia/PDF-171/Accenture-State-Of-Cybersecurity-2021-V1901.pdf#zoom=40

 

Author
Pablo Dubois
Regional Security Product Manager
Lumen LATAM

Data Security: the challenge we face today

Let’s talk about Data Security 

The pandemic gave rise to what could be called a quantum leap in terms of business digitalization.

E-commerce expansion and the primarily remote work adopted by a majority of companies forced them to enhance network services without appropriate infrastructure and security levels.

The agility in responding to these emergencies and avoiding revenue losses due to factors beyond your control comes at a price: companies have become more vulnerable to cyberattacks, which compromise the security, confidentiality, and integrity of stored data.

To give you an idea, one out of four Brazilian companies was hit by cyberattacks in the past 12 months. Two types are becoming more popular among them: ransomware and DDoS attacks. They are certainly positioned to continue as the largest cyberattacks in 2022, primarily for telcos, since this sector was a top target last year.

In general, ransomware attacks use cryptography as the main means to disrupt customer operations, causing incalculable damage. Cybercriminals use these attacks to extort their victims, who must pay a ransom in order to regain access to their data and systems, as has been clearly reported by the media.

In the other attack type, i.e., DDoS, access links are flooded with unwanted traffic, preventing customers and employees from properly accessing their services. RansomDDoS (RDDoS) is currently a profitable modality in which a ransom is collected to interrupt an attack.

How to assure Data Security

To protect themselves from this new scenario, companies need to invest in Connected Security. This resource enables threat mitigation through a continuous monitoring cycle, which includes the following steps:

Foresee –> Machine learning platforms are able to analyze attack behavior as they perform system defense. Thus, they can anticipate when the next attacks will take place and mitigate them before they become a real threat. Prevention, primarily of ransomware, goes beyond technical matters and also involves awareness and ongoing training of employees, to close the doors to social engineering activities.

Detect –> DDoS attacks are detected through continuous monitoring, by analyzing traffic and network access requests for changes in behavior and in legitimate traffic volumes. For ransomware attacks, there is continuous network monitoring that correlates alerts from systems, applications, and security infrastructure. This allows Incident Response Teams to react, with tool support to limit lateral movement, privilege escalation, and ultimately encryption, the last borders for the protection of data and applications.

Prevent –> To increase the protection of your systems, a robust network infrastructure, capable of avoiding a higher number of incidents per cyberattack, is required. The prevention chain must encompass all means of access, from the user through public or private network infrastructure to the Data Center or Cloud.

Respond –> Time is the second biggest risk in an incident response. Response to an invasion must be quick, using the monitoring and detection resources mentioned above. An in-depth incident analysis, correlated with external factors, information from threat control centers, global alerts, and knowledge bases, is key to successful attack containment. Having solid documentation in place and deep infrastructure knowledge is another success factor.

Data must be protected 

Even though many companies are still getting used to coping with the challenges of the so-called 4th Industrial Revolution, investing in and assuring the security of their data is no longer a matter of avoiding financial losses, which by the way can be calculated here before they happen.

We emphasize that, with the General Data Protection Regulation (GDPR) in force, protecting that information becomes a matter of survival in legal terms. Therefore, when it comes to infrastructure, do not be afraid to invest to protect your data and your customers’. Long-term benefits and peace of mind for your company are always worth the cost and effort.

Walter Rodrigues
Cybersecurity & SD-WAN Sales Specialist,
Lumen Brazil

Expert in new cybersecurity businesses and SD-WAN, with more than 30 years in the IT and Telecommunications sector.