MEXICO-US BILATERAL CYBERSECURITY C OOPERATION
The US and Mexico recognize the importance of cybersecurity as a critical aspect of their bilateral relationship and are committed to fostering the creation of an open, secure and reliable cyberspace. Under the growing threat of cyberattacks, the two countries are working together to harness the benefits of digital technologies and effectively address cyberthreats.
200,000 positions currently available and unfilled.
De la Cruz highlights the significance of cooperation and emphasizes the crucial role played by the private sector in spearheading cybersecurity efforts in the country. Given that 80% of critical infrastructure in Mexico is under private control, these entities have recognized the importance of integrating a cybersecurity strategy into their operations.
Cybersecurity is a widely complex issue due to its transversality and multidisciplinary nature. “Technological threats are constantly evolving,” says de la Cruz. Thus, it is key to create a safe, secure and healthy digital environment. “If we do not work on building trust in the digital environment, sooner or later citizens and companies will be limited in seizing the opportunities that technology brings to consolidate our country as a digital and competitive economy.”
Protecting a country’s critical infrastructure is paramount. According to the CISo 2023 report, Latin America experiences 1,600 cyberattacks per second, resulting in damages equivalent to 1% of the GDP of certain countries in the region. Cyberattacks in the region could amount up to 6% of the region’s GDP, adds de la Cruz.
Mexico stands out as the leading country in cyberthreats in Latin America, experiencing the highest number of cyberattacks. The damages caused by these attacks in Mexico amount to up to US$8 billion. furthermore, there is a significant talent gap in the cybersecurity field, with approximately
Mexico must make significant efforts to develop adequate cybersecurity policies but the country is spearheading legislative initiatives that could lead to the first cybersecurity legislation in Latin America, says de la Cruz. In this regard, as a representative of the American Chamber of Commerce of Mexico, de la Cruz offers recommendations to establish a comprehensive legal framework that promotes the development of a digital culture and involves all stakeholders interested in addressing these issues. A key aspect of the legislation is flexibility. “Advancing in this law will allow for a catalog of cybercrimes that must be flexible because technology evolves rapidly,” he says.
Both governments aim to promote an open, interoperable, secure and reliable internet for all their citizens, emphasizing the applicability of international law and responsible state behavior in cyberspace. They are committed to stability and accountability in cyberspace, as outlined by the UN General Assembly.
Moreover, de la Cruz highlights the role that US-Canada-Mexico cooperation plays in facing cybersecurity challenges. “Cybersecurity is a priority for a better integration of North America. We must collaborate more; it is the responsibility of everyone to strengthen the USMCA collaboration in the fight against cyberattacks,” says d e la Cruz.
Co N fere NC e H IGHLIGHTS 8
“Through the “US-Mexico Working Group on Cyber Issues,” the two countries are engaging in their first bilateral cyber dialogue, meant to safeguard the interests of those using online services”
Mario de la Cruz Sarabia President of Innovation and the ICT Committee | American Chamber of Commerce of Mexico
To strengthen cooperation and address shared threats, the US and Mexico have outlined specific commitments. f irst, the countries will strengthen coordination through bilateral cooperation initiatives focused on cyber and digital economy issues. A work plan under the Bicentennial framework and the High-Level economic Dialogue will reflect this coordinated approach.
Through this collaboration, Mexico aims to enhance its institutional structure and strategy to fight cyberthreats and bolster its efforts in preventing and countering cybercrime. The country could build a stronger culture of cybersecurity by exchanging cyberthreat intelligence, increasing training initiatives and promoting cybersecurity awareness among federal and state agencies, the general public and the private sector. To accomplish these objectives, de la Cruz emphasized the importance of policy harmonization, stating
that one of the most significant updates of the USMCA is the inclusion of a digital commerce chapter that addresses cooperation in cybersecurity to identify and mitigate cyberthreats. To achieve this goal, the first crucial step is to establish a shared taxonomy that ensures a common understanding among all parties involved. Subsequently, it is essential to develop a roadmap that actively involves the private sector and aligns national approaches within a common framework of understanding.
The bilateral cybersecurity cooperation between the US and Mexico reflects the increasing significance of cybersecurity in today’s interconnected world. By working together, these two countries aim to build a more secure and resilient region, harnessing the benefits of digital technologies while effectively addressing the challenges and threats that arise in cyberspace.
THE RISE OF CYBERCRIME-AS -A-SERVICE
The proliferation of technology and the increasing interconnectedness of our digital world has given rise to a new and concerning phenomenon: the emergence of Cybercrime-as-a-Service. Cybercriminal enterprises are rapidly evolving, displaying unprecedented levels of organization and sophistication, which demands further investigation to effectively thwart the market incentives driving demand for these illicit products and services.
“The primary motive behind most cyberattacks is purely financial gain,” said Arie Simchis, General Manager CALA, r adware, during Mexico Cybersecurity Su mmit 2023.
Distinguishing malicious traffic from legitimate users presents a significant challenge, with the best-case scenario often achieving only a 60% success rate. This alarming statistic highlights the
Co N fere NC e H IGHLIGHTS 9
extent to which cybercriminal enterprises have evolved, offering specialized services to facilitate attacks on digital p latforms.
Disturbingly, some organizations even boast quick turnaround times, providing a one-hour service to launch targeted attacks against apps. Among the various types of cybercrimes perpetrated, identity theft and phishing schemes emerge as the most prevalent.
The impact of ransomware-as-a-service ( r aaS) on industrial control systems (ICS) is set to intensify in the coming years, warns Salvador Valades, Associate Director of Cybersecurity Defence o ps, AstraZeneca. He adds that 2023 and 2024 will represent the peak of cybercrime activity, particularly due to the increasing digitization of businesses without fully matured security infrastructure in place.
furthermore, the situation is particularly alarming as it allows even those with limited technical expertise to launch devastating cyberattacks, posing a significant threat to critical infrastructure and organizations worldwide. ”In today’s landscape, hacking services are readily available to anyone with access to the dark web. The era where cybercriminals were exclusively highly skilled tech experts has become a thing of the past,” says José Antonio Goyri, CIS o, Totalplay.
To protect themselves, companies must adopt a comprehensive set of security measures. An essential approach involves the implementation of isolation navigation, which entails isolating critical systems and networks from the wider internet. Additionally, prioritizing email communication facilitated by infrastructure administrators can be a useful tool, as it guarantees that all communications pertaining to vital systems and infrastructure occur through trusted and verified channels. f inally, incorporating two-factor authentication (2 f A) provides an additional level of protection. “We must prioritize awareness and training by simulating real-life scenarios to enhance understanding and knowledge about this threat,” says francisco Arguello, CTo, Zuri ch Mexico.
With the increased accessibility to malicious resources, the potential threat to business operations has significantly intensified, exposing businesses to significant economic risks. However, to address this threat, companies should shift their conception of cybersecurity from an expense to an investment.
“Chief Security o fficers (CS o s) bear the responsibility of initiating this crucial conversation and helping C eo s understand that every cybersecurity measure and strategy should align with
Co N fere NC e H IGHLIGHTS 10
the business models in order to effectively mitigate risks,” says Isaí e lías Salgado,
ACHIEVING ZERO TRUST WITH CUTTING-EDGE MICRO-SEGMENTATION
Companies are operating in increasingly hybrid environments, making it difficult to successfully protect from cyberattacks without disrupting operations. To address this problem, Akamai introduced an approach to cybersecurity that merges zero trust and micro-segmentation to bolster security in the digital l andscape.
Zero-trust architecture prioritizes resource and information security through constant risk evaluation and limited resource access. o n the other hand, micro-segmentation divides networks into sub-networks, establishing barriers against unauthorized access and preventing lateral movement in the event of cyberattacks. Although their implementation approaches may differ, both strategies aim to safeguard systems and data against increasingly sophisticated threats.
“Zero Trust helps identify and not grant excessive permissions to those who do not need them. It is preferable to remove privileges rather than experiencing any eventualities,” says Alejandro Martínez, Sales e ngineer
Senior, Akamai. o rganizations can proactively secure assets using a zerotrust framework, especially in hybrid and cloud environments. Instead of relying solely on perimeter-based controls, zero trust extends its security measures within the network, strictly controlling eastwest access and assuming risk with every network request.
The zero-trust model brings simplicity to cybersecurity by eliminating the concept of trust. The integration of security tools and systems, along with the automation of repetitive tasks, simplifies security operations. Security teams verify and authorize every network request, minimizing the reliance on access decisions made by ind ividuals.
Micro-segmentation complements network segmentation by creating barriers against unauthorized access to critical data. It divides networks into subnetworks or zones and employs firewalls as gateways between them. These firewalls regulate access between subnetworks, ensuring that movement is authorized and limited.
Co N fere NC e H IGHLIGHTS 11
Director, Cybersecurity o perations, e l Palacio de Hierro.
By enforcing secure micro-perimeters within the network, micro-segmentation enhances cybersecurity defenses, particularly by restricting traffic between subnetworks and servers.
segmenting critical applications. By thoroughly analyzing the nature of communication and assessing its necessity, Akamai ensures that the segmentation process aligns with regulatory requirements. The company’s approach allows it to provide efficient and compliant segmentation solutions tailored to the unique needs of ou r clients.
Akamai’s approach to micro segmentation is based on two key aspects. f irst, the company provides extensive coverage for hybrid infrastructures, allowing for a comprehensive approach. Akamai defines specific policies that enable the blocking of suspicious or unwanted communications, thereby providing robust protection. Second, through the assignment of labels, Akamai can place applications in specific segments that only select users can access. It focuses on carrying out this assignment quickly and effectively, ensuring that applications are protected at all times. Akamai is committed to delivering micro-segmentation solutions that guarantee security and control in hybrid infrastructure env ironments.
Clients operate in hybrid environments, making it increasingly difficult to achieve accurate segmentation while obtaining regulatory approval for the segmented information. Akamai recognizes the importance of understanding all communication flows and effectively
The combination of zero trust and micro-segmentation offers a robust cybersecurity solution. o ne of its key advantages is enhanced visibility, which involves creating a detailed map of application dependencies and establishing traceability. Another significant benefit is enforcement, which involves creating and implementing policies based on the traffic discovered within the network. furthermore, a robust security framework provides precise detection of security breaches, attacks and the ability to mitigate the impact of ransomware incidents promptly. “We strive to ensure that all our clients are not burdened with multiple alerts and are able to effectively counter cyberattacks. In the event of a cyberattack, time is of the essence. We must act swiftly and utilize a range of tools,” says Martínez.
Zero trust narrows access to the minimum level required for each task while mitigating risk, while micro-segmentation further strengthens security by restricting traffic between subnetworks and isolating compromised segments. By implementing both strategies, organizations can bridge the gap between high-level security strategy and implementation, enhancing
Co N fere NC e H IGHLIGHTS 12
“In micro-segmentation, one of the most common scenarios is the ability to verify if the user accessing the application is the correct one”
Alejandro Martínez Sales Engineer Senior | Akamai
visibility, control and protection in the face of evolving cyberthreats.
In a remarkable success story, a company lacking Akamai’s Guardicore protection fell victim to an undetected attack, explains Martínez. An infected machine scanned its network, aiming to spread ransomware throughout the organization. Akamai’s swift intervention with Guardicore provided immediate visibility, detecting the infected machine’s scanning activity and revealing the infection vector through multiple connections. Micro-
segmentation played a pivotal role in the success, as service-level policies were created to mitigate the threat without disrupting business operations. Guardicore’s visualization of the incident allowed for targeted blocking of infectiongenerated communication, resulting in the successful remediation of the server without any interruptions. By redirecting blocked traffic to an isolated environment and identifying malicious behavior, Akamai effectively neutralized the ransomware’s propagation and significantly reduced the likelihood of future attacks.
ONE MESH, SECURE ENVIRONMENTS: SIMPLIFYING DATA PROTECTION
The modern IT landscape has become increasingly intricate, with organizations relying on multi-cloud and multi-vendor infrastructures to meet their technological needs. However, this complexity poses significant challenges when it comes to protecting valuable data assets. In response, organizations are embracing the concept of cybersecurity mesh to tackle these complexities and ensure a comprehensive approach to data security.
By extending security controls and visibility across various interconnected components, organizations can create secure environments that prioritize data protection. However, such efforts do not come without challenges.
The first step towards implementing a cybersecurity mesh is to integrate a riskbased approach to implement the appropriate
security measures for operations, says Aimed Pimentel, Mexico Leader, WoMCy
A cybersecurity mesh can fortify a company’s complex digital infrastructures and protect its data in distributed environments. As businesses adopt multivendor and multi-cloud infrastructures, the need for a unified ecosystem of tools and controls becomes crucial. A study commissioned by o racle Cloud Infrastructure found that 98% of surveyed enterprises are already using or planning to use at least two cloud infrastructure providers, with 31% using four or more. This widespread adoption emphasizes the importance of comprehensive security measures. Cybersecurity mesh enables organizations to extend security controls across diverse environments, creating a
Co N fere NC e H IGHLIGHTS 13
cohesive defense strategy that adapts to dynamic ecosystems.
To this end, taking a holistic approach to risk identification is crucial. “A business model should include risk-mitigation from within the system architecture to promptly identify risks and respond appropriately to an attack,” says omar Alcalá, Cybersecurity Manager for SeLATAM, Tenable.
To promptly identify risks, organizations must develop enhanced risk evaluation strategies. “ r isk assessment has to be based on information protection. It involves evaluating the management of information and its impact on operations. These risk analyses provide general insights into operations,” says roberto flores, CISo, Viva Aerobus.
When sensitive and operational information is distributed across different platforms, the biggest challenge is identifying which information is the most valuable and needs to be protected, as well as how to protect it without causing disruptions to users or operations.
strategies must be developed within the team responsible for the systems to ensure interoperability. This is especially important as business operations are often multisegmented and spread across various platforms and services.
o ftentimes, companies contract a wide range of services from different providers, with some operations being in the cloud and others in site. This complexity makes it challenging to determine how to implement security controls, which is why flexibility is crucial to adapt to each contracted service, explai ns f lores.
The cybersecurity mesh presents an opportunity to adapt to an increasingly segmented world, which is why companies need to start understanding and embracing it, says Villalba. The natural evolution of these technologies means that companies no longer worry just about data loss but also about preventing data leaks, with an emphasis on the role of trust. “It is not just about preventing information loss, but also about the trust that exists towards the organization,” s ays o choa.
Cybersecurity strategies once used to be based on patching problems that arose during operations. Now security must be implemented from the beginning, with a concept of cybersecurity embedded in the architecture’s conception, explains Alcalá.
Insights become a valuable resource to guide the seamless implementation of cybersecurity measures across all platforms. “The mesh architecture requires intelligent identification of valuable data that guides a highly segmented information strategy. Therefore, platform architectures must include security strategies in their design,” says Asgard León ochoa, CISo, TV Azteca.
Cybersecurity mesh solutions evolve at a rapid pace, and some changes are part of their maturation. Thus, flexible
An additional challenge to ensuring business continuity and avoiding disruptions is the need for trained and specialized talent. Another difficulty is hyper-segmentation, as it is challenging to have experts in the numerous platforms in use, and this specialization requires a learning curve that top-level management must understand, says Villalba.
The need for flexible operations is apparent, both for the talent managing the platforms and the decision-making departments, says o choa. Businesses should also avoid neglecting the responsibility of users when trying to avoid compromising data. “With
Co N fere NC e H IGHLIGHTS 14
“Organizations have to implement automated technologies to achieve efficient and accurate discovery. With these insights, protection policies and procedures can be managed”
Alfonso Villalba Almeida Co-Founder and COO | Kriptos
remote work, for example, employees can connect from networks that may pose a vulnerability to the system. Security strategies must consider system manipulation through user actions,” says Alcalá.
By interconnecting security tools and platforms, businesses can proactively detect and respond to emerging threats, safeguarding sensitive data and ensuring operational continuity in a rapidly evolving threat landscape.
IOT EXPLOSION AND CLOUD COMPUTING, A SECURITY NIGHTMARE
As organizations embrace the potential of the Internet of Things (IoT) and harness the power of cloud computing, it is imperative to acknowledge the inherent security vulnerabilities and threats that accompany this digital transformation. The interconnected nature of IoT devices and the reliance on cloud infrastructure create a complex ecosystem that demands rigorous security measures to fortify defenses against cyberattacks.
As the backbone of any modern business, the integration of IoT and cloud computing has become increasingly crucial, says Josué ramírez, LATAM regional Director, International Data Center Authority. The interconnected nature of modern devices, coupled with the reliance on cloud infrastructure, amplifies the complexity of managing and securing these ecosystems.
The integration of IoT and cloud computing must be flexible and adaptable to the ever-changing landscape of technological advancements and the evolving needs of society. “There is a shared responsibility with users, with employees. The use of new technologies should be a support, not
a barrier, to carry out activities within the workspace,” says Marco Antonio Núñez de Arce, GM Honeywell Security LATAM, Honeywell.
As organizations increasingly adopt IoT devices and leverage cloud computing services, they expose themselves to a range of vulnerabilities and potential security breaches. According to a 2020 Unit 42 IoT Threat report, a staggering 57% of IoT devices are vulnerable to medium- or high-severity attacks, positioning IoT as the “low-hanging fruit” for attackers. This data underscores the urgent need for robust security measures to protect against the inherent risks associated with the proliferation of IoT devices.
“The growing reliance on technology and digital systems in operational technology (oT) has made it a prime target for cyberattackers. The use of internet-connected devices, sensors and automation has made it easier for cybercriminals to penetrate these systems and cause damage, including the theft of intellectual property, financial losses and damage to physical infrastructure,” says Sneer rozenfeld, Ceo, Cyber 2.0.
Co N fere NC e H IGHLIGHTS 15
Industry leaders at Mexico Cybersecurity Summit 2023 emphasized the significance of fully understanding all aspects of a company in order to protect it best. This way, cybersecurity measures can focus on the assets that need that support the most, whether they are human or technological. Through this analysis, companies can establish accurate and targeted mitigation strategies.
Inventories and understanding the product are crucial steps to leverage the combined potential of IoT and cloud computing, while mitigating associated risks, explains Mauricio Castaños, CIS o , Nemak. “ r egarding the pandemic, it was easy to identify where to focus on security, but now that we expand into the cloud, we have to identify what we have out there and, at the same time, what we have within those devices,” he adds.
“We need to have inventories. We also need to understand the business to know if new technologies help us. In the end, implementing controls and cybersecurity should be a tailored suit that mitigates the risks of the organization where it is viable in terms of cost-effectiveness,” says Castaños.
Understanding the business, categorizing it and selecting an appropriate security method are essential pillars of a successful cybersecurity strategy, explains Arturo fonseca fuentes, CIo, DHL express Mexico.
risk analysis, identification and mitigation are also critical in addressing the financial aspect
of the cybersecurity strategy, explains enrico Belmonte, CI o, Peñaranda. By integrating these perspectives, organizations can navigate the complexities of the business landscape while ensuring appropriate security measures are in place.
The integration of IoT and cloud computing demands robust security measures to safeguard against potential vulnerabilities and threats. The awareness that new technologies can be exploited by malicious actors underscores the need for comprehensive security strategies.
furthermore, training and awareness among users and employees are vital in ensuring effective security practices. “To what extent do you believe people are aware that all new technologies are not only for the good but also for the bad? How much danger do you consider is involved in not having this in mind?” asks ramírez.
A looming problem for every company with an online presence is ransomware, which can greatly compromise a business’ finances and operations. “ransomware is dangerous. Not having containment measures for ransomware is very delicate because they do not always give the information hack. Implementing preventive measures to the extent possible or outright paying the ransom are potential solutions when dealing with ransomware,” according to Castaños.
Suppliers and employees play a crucial role in the important and delicate management of information. “ o ur greatest information leakage and highest risks stem from
Co N fere NC e H IGHLIGHTS 16
people. Investing time in training is of utmost importance,” says fonseca.
Some organizations lack security strategies that can quickly and effectively respond to a crisis, in which knowing what
needs to be done is crucial. By embracing a proactive approach to cybersecurity and fostering a culture of security awareness, businesses can navigate the evolving digital landscape with confidence and resilience.
ZERO TRUST AND XDR: THE NEW ARCHITECTURE OF DEFENSE
Cyberthreats are growing in both number and complexity, calling for innovative approaches that allow individuals and organizations to protect themselves. The convergence of Zero Trust and e xtended Detection and r esponse (XD r ) has revolutionized the approach to cybersecurity, offering organizations a powerful strategy to enhance their resilience in the face of evolving threats.
“We are in need of technological tools that can analyze information in real time to address cyberthreats quickly and effectively,” says Valther Galván, CISo, ProSA.
By challenging traditional perimeter-based security approaches and embracing the Zero Trust mindset, organizations can establish a robust security framework that prioritizes granular control and continuous monitoring. This protection is increasingly necessary, as even those who may not feel at risk may be more open to cyberattacks than they realize.
The convergence of Zero Trust and XD r can be key to safeguarding critical assets, preserving business continuity and mitigating evolving cyberthreats. These two tools play a vital role in the evolving landscape of cybersecurity, equipping organizations with the knowledge and guidance needed to optimize their defense strategies and protect against emerging threats.
“Zero Trust and XD r complement each other — they are not interchangeable. Together they provide the most powerful defense against ransomware and other cybersecurity attacks,” according to Akamai. “Without implicit trust, breach propagation will not be possible.”
XD r transcends endpoint security, incorporating various technologies, with a primary focus on detection and response.
“XD r ’s focus goes beyond the endpoint to all the tech surrounding it, including networks, emails, identities and many other aspects. All these systems must communicate with each other,” says erwin Campos, Global CISo, Grupo Bimbo.
However, achieving successful implementation of the Zero Trust-XDr model necessitates meticulous consideration of various digital environment elements and operational functions throughout the XD r lifecycle.
In contrast, Zero Trust adopts a preventive approach, emphasizing the importance of context through a “Trust but Verify” mindset. “one of the biggest challenges that companies face when adopting the Zero Trust methodology is getting accustomed to the strict approach that distinguishes this methodology from others,” says omar Herrera, CISo, Stori.
r ecognizing the criticality of cloud environments, trust in providers becomes crucial. Moreover, individuals assume a pivotal role by providing essential
Co N fere NC e H IGHLIGHTS 17
“Per capita, Mexicans have about five connected devices at their home, even more if they have smart appliances such as refrigerators”
Juan Carlos Carrillo
Director of Cybersecurity | PwC
business context for the successful implementation of these concepts. “The Zero Trust methodology aims to protect digital data, while ensuring the safety of both the user and the net,” says o swaldo Palacios, enterprise Sales e xecutive Senior Mexico, Akamai.
Interoperability, standardized data and unified information panels are essential to effectively harness the benefits of XD r By adhering to established frameworks, enterprises can strategically navigate these concepts, fortifying their digital ecosystems and achieving resilient security postures.
To achieve comprehensive security, it is imperative to establish robust network visibility by implementing necessary controls that fortify the system. This entails permitting only authorized traffic to circulate, while unequivocally denying any unauthorized access by default.
Zero Trust brings forth a contextual framework, considering the intricacies of connectivity, origin, destination and allowable boundaries. In the realm of XD r , attaining a high level of visibility becomes indispensable for the correlation and AIdriven processing of data.
ensuring the effectiveness of XDr requires a strong focus on mitigating lateral movements within the network. It is crucial to equip companies with tools that provide real-time visibility into the processes of servers and legacy systems, as these may escape the scope of XDr itself.
e mbracing the Zero Trust approach gains wider acceptance when grounded in a risk-oriented perspective, validating its implementation. “ e ffective cybersecurity measures depend on focusing on the specific anomalies that threaten the operative system,” says Pablo Carrillo, Senior Account e xecutive, Darktrace.
Similarly, for XD r to deliver tangible value, the information gathered must align with the inherent needs of the business, especially in terms of traceability. Safeguarding endpoints becomes pivotal in detecting anomalies by meticulously scrutinizing intricate processes. Seamless communication among the diverse tools safeguarding these endpoints becomes essential, as the challenge lies in effectively correlating and contextualizing the multitude of interrelated events. By addressing these considerations, organizations can enhance the efficacy of their XD r implementation and strengthen their overall securit y posture.
In the realm of infrastructure management, complete visibility within the intricate workings of an organization remains an elusive goal. To address this challenge, equipping themselves with real-time information tools capable of promptly detecting anomalies becomes imperative. While micro-segmentation proves efficacious in mitigating u nforeseen or unfamiliar attacks, cautious deliberation is necessary, considering the potential impact on business conti nuity when
Co N fere NC e H IGHLIGHTS 18
faced with limited knowledge of the underlying infra structure.
While Zero Trust and XD r are not new concepts, their combined synergy creates a formidable defense strategy that effectively safeguards critical assets and preserves business continuity. The increasing adoption of Zero Trust is evident in the findings of okta’s 2022 State of Zero Trust Security report, which revealed that the percentage of companies with a defined Zero Trust initiative more than doubled, rising from 24% to 55% since the report’s release. This data underscores the growing recognition of Zero Trust as a critical framework for enhancing security in the digital landscape. When combined
HOW TO FORTIFY THE LAST LAYER OF SECURITY: THE HUMAN FIREWALL
In today’s ever-evolving landscape of cyberthreats, organizations are increasingly recognizing the imperative of l everaging all available resources to fortify their defenses against potential atta cks. Amid the myriad of security measures, one key resource often overlooked is the educated and trained end user.
with the capabilities of XD r , organizations can achieve comprehensive visibility, rapid threat identification, and effective response, thereby fortifying their defenses against evolving cyb erthreats.
Striving for an optimal security stance requires delicately balancing proactive prevention and agile response capabilities. r obust anticipation and mitigation of threats must be complemented by a nimble and effective reactive capacity, ensuring swift containment and remediation when security incidents arise. By meticulously harmonizing these facets, enterprises cultivate a professional security posture characterized by resilience, adaptability and minimal disruption to core business operations.
element in their cybersecurity strategies. As Tedesco explains, regardless of the number of filters a company incorporates into its security measures, there is always the risk of human error. Mitigating this risk at the human layer can yield significant benefits in enhancing cybersecurity. “It is important to pay attention to an often-overlooked component: the human firewall, the human layer or the eighth layer,” says Tedesco.
“No organization is immune to cyberattacks,” says Tedesco. But by acknowledging the pivotal role of human behavior in cybersecurity, companies can empower their employees through comprehensive education and targeted training, transforming them into an integral and proactive component of the organization’s security infrastructure.
Human error remains a prevalent factor in security breaches, highlighting the critical need for organizations to address the human
researchers from Stanford University and a top cybersecurity organization found that approximately 88% of all data breaches are caused by an employee mistake. This emphasizes the significance of establishing a strong human firewall within organizations. A human firewall consists of educated and aware individuals who can recognize and mitigate potential threats, effectively serving as an additional layer of defense.
To achieve this goal, leading advocate in cybersecurity KnowB4 implements a comprehensive program designed to train the human layer and transform it into a human firewall. By utilizing intelligent and automated campaigns across various languages and platforms, KnowB4 directly targets specific sectors within organizations that are
Co N fere NC e H IGHLIGHTS 19
“Individuals have an untapped potential to act as the ultimate line of defense against cyberthreats”
Dario Tedesco International Channel Manager | KnowBe4
susceptible to cyberattacks, such as phishing. These campaigns are carefully tailored to address the identified risks and mitigate the likelihood of falling victim to such attacks.
Tedesco explains that KnowB4’s services enable the identification of groups of individuals who are more susceptible to cyberattacks. By providing continuous
targeted training to these sectors, KnowB4 ensures that individuals who are prone to falling victim to such attacks, referred to as “clickers,” gain a better understanding of the risks involved and are equipped to comply with security measures.
A study conducted by KnowB4, which analyzed data from its extensive client base of over 10,000 organizations and gathered information from more than 10 million users, found that these campaigns resulted in a significant reduction in the percentage of individuals prone to phishing attacks. Initially, the percentage stood at 32.4%, but after implementing these efforts, it decreased to 17.6%. r emarkably, after 12 months of sustained implementation, this number further dropped to an impressive 5%.
By investing in comprehensive training programs and fostering a culture of cybersecurity awareness, organizations can harness the potential of their workforce to create a human firewall that acts as a robust frontline defense against cyberthreats. e mpowering employees with the knowledge and tools to make informed security decisions not only mitigates the risk of human error, but also strengthens the overall security posture of the org anization.
HUMAN HACKING: BREAKING DOWN SOCIAL E NGINEERING
Malicious actors are increasingly embracing the insidious technique known as human hacking, a form of cyberattack that skillfully exploits the vulnerabilities of human psychology. With social engineering tactics proving remarkably effective in manipulating individuals and coercing them into divulging sensitive information or compromising security measures, the urgency to develop comprehensive risk-management strategies has become paramount. Addressing these concerns, industry leaders at Mexico Cybersecurity Summit 2023 underscored the critical importance of tailoring cybersecurity education and policies to individual company departments. These
policies should establish robust mechanisms to report and verify suspected attacks, while consistently gathering data on the evolving maturity of cybersecurity protocols to combat the growing volume of social engineerin g attacks.
“Social engineering attacks demonstrate an alarming rise in sophistication, with an anticipated shift towards increased personalization, making them an acute and imminent danger. Therefore, empowering users with vital education and robust tools to recognize and counter such threats becomes paramount,” says Jonathan Granados, CIS o, Airbus.
Co N fere NC e H IGHLIGHTS 20
Social engineering attacks, leveraging psychological manipulation to exploit human vulnerabilities, have long been a leading cause of cybersecurity breaches. These tactics deceive individuals into revealing confidential information or bypassing security measures, such as through phishing or pretexting. Notably, a joint study by Stanford University’s Professor Jeff Hancock and security firm Tessian found that a striking 88% of data breaches can be attributed to employee errors. This alarming statistic underscores the critical role of human behavior in cybersecurity. To address this issue, organizations must prioritize education and training initiatives to raise awareness of social engineering techniques and empower employees to recognize and respond to potential threats.
“Conducting awareness campaigns, running simulated attacks and gathering data to identify areas requiring reinforcement are crucial steps toward fostering a proactive and vigilant cybersecurity culture. Consistency in cybersecurity practices is equally vital, ensuring that security controls become automatic responses, akin to earthquake preparedness measures,” says Manuel Villalvazo, Information System Security Manager, L’oreal.
To effectively address the diverse operational needs and varying maturity levels of cybersecurity awareness within different departments, it is crucial to tailor cybersecurity education and policies
accordingly. “Companies should retrofit cybersecurity information and policies to cater to the specific requirements of each department. By doing so, organizations can better emphasize the significance of safeguarding information and data to individuals within their respective roles,” says Salvador Valades, Associate Director - Cyber Security Defense o ps, AstraZeneca. A one-size-fits-all approach to cybersecurity education often falls short in conveying the relevance and importance of security measures to employees. Therefore, internal awareness initiatives need to adopt a more personal and interactive approach to ensure that individuals truly understand the implications of their actions on information security. Interactive training programs and engagement activities can significantly improve knowledge retention and encourage active participation in implementing security controls.
e stablishing robust mechanisms to report and verify suspected social engineering attacks is of utmost importance in strengthening an organization’s cybersecurity defenses. Prompt reporting allows for a timely response to potential threats, enabling organizations to take necessary action to mitigate the impact. Additionally, “it is crucial for companies to effectively communicate the rules and policies developed in response to userreported attacks. This not only reinforces the culture of cybersecurity within the organization but also provides transparency
Co N fere NC e H IGHLIGHTS 21
and clarity to employees, empowering them to actively participate in protecting the company’s information assets,” says Ángel Gangas, Senior Consultant, Mandiant. By fostering an environment where individuals feel confident and supported in reporting suspicious activities, organizations can leverage collective vigilance to thwart social engineering attacks and strengthen their overall cybersecurit y posture.
Gathering data on the evolving maturity of cybersecurity protocols is crucial to effectively combat social engineering attacks. By collecting data from awareness and education campaigns, organizations can gain valuable insights into the state of cybersecurity knowledge within their workforce. “This data serves as a vital resource to identify areas where efforts need to be reinforced. It allows companies to pinpoint knowledge gaps, vulnerabilities or specific departments that may require additional training and support,” says Valades. Data-driven decision-making enables organizations to allocate resources strategically, focusing on the areas most in need of improvement. Moreover, consistent data collection provides a benchmark for evaluating the effectiveness of cybersecurity initiatives over time. By monitoring the fluctuating maturity of cybersecurity knowledge, organizations can adapt their training programs and policies to ensure they remain relevant
and effective in countering social engineering attacks.
“The continuous gathering of data fosters a proactive approach to cybersecurity, promoting ongoing learning and improvement in an ever-evolving threat landscape,” says e rik Moreno, Head of Cybersecurity Services , Minsait.
Looking towards the future, the anticipated personalization of social engineering attacks poses significant challenges and underscores the importance of empowering users with education and tools to recognize and counter such threats. “Threats that can have a profound impact on human lives. A successful social engineering attack can force companies to make difficult decisions, such as laying off employees, which can result in job losses and economic instability. Moreover, in certain industries like mining, cybersecurity breaches that lead to stalled operations can even have fatal consequences,” says Gangas. The potential risks associated with personalized social engineering attacks highlight the urgent need to enhance user awareness and preparedness. Through a combination of education, training and the deployment of robust cybersecurity tools, individuals can become the first line of defense against personalized social engineering attacks, contributing to a safer and more resilient organizational ecosystem.
Co N fere NC e H IGHLIGHTS 22
BUILDING A TRUE CYBERSECURITY CULTURE: POLICY-AS-CODE
To establish a robust and effective cybersecurity culture, organizations must go beyond mere policy documents and strive for comprehensive implementation and enforcement. Policy-as-Code (PAC) emerges as a powerful solution in this pursuit by leveraging the use of machine-readable code to define and manage cybersecurity policies. By translating policies into code, organizations can automate the implementation and enforcement of policies, ensuring consistency, reducing errors and improving operational efficiency, according to industry experts at Mexico Cybersecurity Summit 2023.
Traditional policy management processes relied on manual interpretation, implementation and enforcement, leaving room for human error and delays. However, the adoption of PAC introduces a transformative approach to policy agement.
capabilities that span their systems and networks. The use of automation empowers teams to operate swiftly and consistently, significantly reducing the likelihood of mistakes and ensuring the timely implementation of policies. With PAC the need for manual intervention is eliminated, mitigating the risk of misconfigurations or oversight that can potentially expose organizations to cyberthreats.
PAC presents a significant opportunity for organizations to automate processes that impact productivity and operational efficiency. It is not limited to the realm of IT systems but can be implemented organization-wide. The primary objective of PAC is to assist organizations in implementing cybersecurity practices and codifying their behaviors, ensuring consistency and reducing human errors.
By translating policies into machinereadable code, organizations can leverage automated monitoring and enforcement
To achieve successful PAC implementation, it is crucial to properly identify risk analysis and standards and align them with the organization’s operational processes. This entails considering the organization’s specific assets and threats. furthermore, a strategic planning approach and training of the personnel involved are essential. “Achieving seamless integration requires a great deal of patience to find the appropriate framework that aligns with the maturity level of the companies involved, as well as engaging the right stakeholders,”
Co N fere NC e H IGHLIGHTS 23
“PAC is a framework for automating the information security policies that organizations require”
Julia Urbina Pineda Head of Cybersecurity | CyberIIoT
says e dmundo Lozano, GIS Director and regional CIo, LArN, Whirlpool Corporation.
Prior to applying PAC, companies must make prior efforts in technology consolidation and integration. In this process, identifying the most suitable use cases for automation is crucial given the numerous possibilities. This enables a transition toward a more robust integration within the company, effectively managing and administering automated policies.
With PAC, organizations can leverage policy automation to enhance consistency, reduce errors, and strengthen cybersecurity practices across all levels. By implementing PAC correctly, organizations establish a constant shield of protection that safeguards their assets and ensures safer and more efficient operations.
Culture is one of the pillars for the effective functioning of any organization. A great opportunity lies in establishing a strong partnership between the legal and compliance teams to address digital transformation matters. This collaboration helps permeate the cultural aspect. While companies already have their policies documented, implementing PAC can simplify the operationalization of each policy.
efforts should be made to adapt existing processes, integrating policy automation seamlessly into the company’s workflows.
Collaboration between departments plays a significant role in this endeavor, as it fosters the development of appropriate and relevant policies that reflect the unique needs and challenges of the organization. By aligning efforts and leveraging the collective expertise of different teams, organizations can establish a cohesive approach to PAC implementation, driving cultural change and enhancing cybersecurity practices throughout th e company.
for a proper implementation of PAC, the role of the CIS o is key. “The CIS o needs to be familiar with the overall objectives of the company. With these standards, it is necessary to identify their applicability in a client’s technological environments,” says octavio Martínez Mellado, CIo, eNGIe Mexico.
Artificial intelligence (AI) also plays an important role in the deployment of PAC. But while it is a trendy topic, AI it still needs to mature before its full potential can be leveraged.” AI has the purpose of improving the quality of life for users. Its major challenges lie in ethics and governance to ensure that algorithm design is responsible,” says Manuel Díaz, Cyber Security Director, Huawei.
Defining a gradual implementation plan focused on the rapid adaptation of the organizational culture is crucial. As part of this process, it is important to provide training to the entire organization using digestible content, ensuring that employees can easily understand and incorporate the principles of PAC. f urthermore,
An enterprise should stablish principles of AI governance that emphasize collaboration to serve individuals, prioritizing security and the privacy of personal data. In cybersecurity, AI serves as a valuable support, helping to avoid false negatives in automation. However, the careful handling of data is essential, as it can be susceptible to positive or negative biases. AI should be used to support PAC within an internal corporate environment. Transitioning to an AI model requires working on data and defining data structures to enable its intelligent exploitation. It is crucial to recognize that technology, processes and people are the necessary components for evolution; technology alone is not sufficient.
Co N fere NC e H IGHLIGHTS 24
“Working on a culture involves understanding the UX and creating a set of values while actively promoting the embodiment of these values from top to bottom”
Alfredo Sastré Barraza President | Csoftmty
EXPLORING CYBERSECURITY’S HOLISTIC PARADIGM
In today’s rapidly changing digital landscape, businesses face constant challenges from cyberthreats so it is imperative for them to embrace a comprehensive approach to cybersecurity. This approach should extend beyond technology and encompass various elements such as people, skills, processes and governance. Nevertheless, experts concur that prioritizing a strategy that addresses risks originating from within the infrastructure of the platforms can greatly help organizations stay ahead of the highlyevolving cyberthreats.
The ability to identify trends through data collection is crucial when creating a proactive strategy against cyberattacks, says Alejandro Martínez, Sales engineer Senior, Akamai. By leveraging this valuable data, organizations can anticipate the direction that cyberattacks may take. Akamai, which can measure about 40% of internet traffic, plays a significant role in providing insights into potential cyberattacks and shedding light on emerging trends. “Akamai aims to offer an integral solution, simple and comprehensive,” says Martínez.
During the past few years, companies have seen an evident increase in the number of cyberattacks and their sophistication. This problem will only worsen. “The following years will witness a significant rise in the number of attacks targeting web applications and APIs, and these attacks will also become more complex,” says Martínez. Artificial intelligence is also contributing to the emergence of intricate problems that require complex solutions, while also posing an additional challenge in accurately differentiating legitimate data from potential cyberthreats , he adds.
DDoS attacks are also expected to increase in number. Moreover, the targets of these attacks are expected to shift from the US to the eU, Asia and Latin America. ransomware attacks also surged significantly throughout 2022, and this upward trend is expected to continue.
Traditionally, cybersecurity was relegated to IT departments but the new reality demands active involvement from all levels of an organization. C-level management must embed cybersecurity into the company’s culture, recognizing that every employee has a role in the security chain. This cultural shift fosters awareness and expertise throughout the organization, aligning security objectives with business goals.
Akamai’s efforts in cybersecurity are driven by a commitment to stay ahead of the potential next evolution of cyberattacks, says Martínez. The company prioritizes keeping up with the latest trends in cybersecurity to ensure proactive measures are in place to anticipate and mitigate emerging threats.
Akamai embraces the Zero Trust approach, aiming to establish a delicate equilibrium between a trust-based ecosystem and mitigating risks posed by human misuse of platforms. By adopting this approach, Akamai recognizes that trust is the ultimate goal of implementing cybersecurity
Co N fere NC e H IGHLIGHTS 25
strategies, and strives to create a secure environment that minimizes vulnerabilities and maximizes trustworthiness. “The Zero Trust methodology seeks to reduce operational vulnerability by implementing more rigorous security filters,” Martínez explained.
Segmentation plays an important role in Akamai’s strategy. The company found that by using this approach it decreased the number of possible routes of attack by 98.93%.”Unrestricted access has been catastrophic for businesses, with ransomware attacks costing an average of US$435 million worldwide in 2022,” says Martínez. The main sectors prone to cyberattacks are commerce, high technology and financial services.
Implementing behavioral changes in cybersecurity practices can be challenging, given humans’ tendency to prioritize short-
term gains. To overcome this hurdle, a holistic approach is essential. Holistic cyber resilience entails increasing the scope to identify risks — ensuring that cybersecurity is not an isolated function but an integral part of the organization’s overall operations. “Understanding how internet traffic behaves enables the provision of relevant data regarding potential cyberthreats,” says Martínez.
As cyberthreats become increasingly diverse and sophisticated, embracing a holistic paradigm is the most effective way to safeguard organizational assets and ensure business continuity. Businesses must recognize the importance of long-term security benefits, commit to behavioral changes and prioritize the holistic approach to achieve cyber resilience. By doing so, organizations can protect their digital assets and thrive in an evolving threat landscape.
WHAT SECURITY VENDOR CONSOLIDATION MEANS FOR BUSINESSES
As companies strive to meet the evolving needs of customers as cyberthreats skyrocket, cybersecurity mergers and acquisitions have become increasingly common. This consolidation trend not only points to a maturing and competitive market but also compels cybersecurity vendors to distinguish themselves by delivering comprehensive and holistic solutions. However, the ramifications of vendor consolidation extend beyond mere business
strategies, raising critical concerns about the potential drawbacks and challenges associated with relying on a smaller pool of vendors for fulfilling cybersecurity needs, according to industry leaders at Mexico Cybersecurity Summit 2023.
“Merger and acquisition activities can undermine a company’s cybersecurity strategy, particularly in regulated industries like finance and insurance,
Co N fere NC e H IGHLIGHTS 26
where overreliance on a single provider is discouraged. The potential implications of such consolidation become more pronounced, as organizations strive to maintain a robust security posture while navigating the complexities of regulatory compliance,” says Alejandro Kourchenko, TI Director, Sello rojo.
As organizations grapple with the mounting complexities of cybersecurity challenges, there is an inherent need for streamlined solutions that can enhance their risk posture. Consequently, cybersecurity vendors find themselves under intensifying pressure to differentiate their offer and stand out in an increasingly crowded marketplace. This market demand for consolidation has yielded remarkable results, evident in the notable surge of cybersecurity mergers and acquisitions in recent years. In 2021, the industry witnessed a record pace of consolidation, with 151 transactions occurring in the first three quarters alone, according to 451 research. This represents a substantial increase from the 94 transactions recorded during the same period in 2020. These statistics highlight the industry’s response to the market’s call for simplified and robust cybersecurity solutions.
The pursuit of comprehensive cybersecurity solutions faces a formidable adversary: complexity. In this landscape, cybersecurity vendors bear the responsibility of striking the delicate balance between enhancing security measures and managing costs. However, as the industry witnesses increased consolidation, a reduced number of cybersecurity vendors can give rise to a host of new challenges and risks.
o ne such challenge is the diminished negotiation power for clients. With fewer providers to choose from, “organizations may find themselves at a disadvantage during contract negotiations, leading to potential limitations in the terms and conditions that can be agreed upon,” says Juan Carlos Urquiza, CI o , Quálitas. f urthermore, dependence on a smaller pool of vendors can inadvertently stifle innovation. The
reduced competition and diversity of ideas may hinder the development of novel approaches and solutions, slowing down the pace of innovation within the cybersecurity landscape. Additionally, the costs associated with migrating to a consolidated vendor ecosystem cannot be overlooked.
“The complexities involved in transitioning systems, integrating technologies and ensuring seamless operations can result in significant financial burdens for organizations. These multifaceted challenges highlight the need for careful consideration and evaluation of the potential drawbacks when relying on a reduced number of cybersecurity vendors,” says r ommel García, Cyber Security Partner, KPMG Mexico.
In today’s digital landscape, “cybersecurity must be ingrained within the very fabric of business decision-making processes,” says Kourchenko. This imperative holds particularly true for companies that have recently embarked on their digital transformation journey. Integrating cybersecurity considerations into overall business decision-making is not merely a catch-up exercise, but a critical learning curve that organizations need to navigate with utmost awareness.
While the consolidation of redundant cybersecurity tools may seem tempting, it poses inherent risks that should not compromise the current security levels established. To ensure a seamless transition and optimal security outcomes, “a thorough analysis encompassing various aspects such as governance, services and infrastructure is indispensable,” says García. By embedding cybersecurity into the core of business decision-making, organizations can proactively identify potential risks, implement appropriate safeguards and align their overall strategies with the imperative of protecting critical assets and ensuring resilience against cyberthreats.
The landscape of mergers and acquisitions brings forth profound implications for
Co N fere NC e H IGHLIGHTS 27
a company’s cybersecurity strategy. As organizations navigate the complexities of these business transformations, “there is a growing recognition of the need to form interdisciplinary teams dedicated to developing resilient cybersecurity strategies,” says Abelardo Lara, Country Manager, Veeam. These teams must account for the myriad moving parts involved in integrating disparate systems, technologies and cultures.
The convergence of diverse infrastructures, processes and security protocols can create complexities that require careful consideration and coordination. The seamless integration of cybersecurity practices and frameworks becomes paramount to safeguard critical assets, mitigate potential vulnerabilities and ensure the continuity of operations during periods of tr ansition.
CLOSING THE KNOWLEDGE GAP: EMPOWERING NON-TECHNICAL EXECUTIVES
In an increasingly digitized world, educating boards of directors on cybersecurity becomes essential. Boards of directors must understand their pivotal role in protecting organizations against cyberthreats and making informed decisions in this domain.
It is crucial for C-suite executives to bridge the knowledge gap and actively engage in cybersecurity strategies.
the current mindset, with many boards of directors forming specialized committees to discuss cybersecurity issues in a confidential environment.
organizations often struggle to understand the role of the board of directors in cybersecurity and its level of involvement in this realm. According to the Diligent survey “What Directors Think,” board members ranked cybersecurity as the most challenging issue to oversee, surpassing digital transformation, innovation, new technologies and capital allocation. This demonstrates a growing awareness of the importance of addressing cyber risks from the top of the organization.
r ecognizing the significance of learning, C eo s should prioritize it within the organization and for themselves. This parallels the shift that occurred three decades ago when companies appointed chief data officers to manage increasingly important data, a key to the business’ success.
However, many wonder how to adequately involve boards of directors in this crucial domain. Wo MC y supports this cause by developing programs to increase the talent pool in cybersecurity and promote the presence of women in this field.
Gartner forecasts that by 2025, 30% of boards of directors will have cybersecurity committees. furthermore, there is a shift in
The board of directors is responsible for making key decisions for the company, driving its strategic direction and overseeing resources and investment areas. Their existence lies in ensuring that resources are directed correctly toward the organization’s growth. In addition to these responsibilities, they must address cybersecurity as an integral part of their business management strategy.
Boards of directors must address critical decisions related to cybersecurity, including determining when an attack could occur, assessing the organization’s readiness to detect and stop it and mitigating its effects to return to normalcy as fast as possible. Directors must also understand the risks associated with the company’s reputation and business disruption.
Co N fere NC e H IGHLIGHTS 28
“Cybersecurity is one of the most dynamic areas in technology. It changes significantly from year to year”
Leticia Gammill Founder and President | WOMCY
To effectively address cybersecurity, boards of directors must consider some fundamental principles, such as making cybersecurity easy to understand, closely aligning it with the business, considering it a responsibility of all organization members and fostering motivation toward cyber protection.
Directors should define a clear plan and be prepared for an eventual cyberattack. To do so, education of board members is key, as it enables them to make informed decisions regarding cybersecurity. “Proactive education of board members is essential to mitigate cyber risk in an organization,” says Gammill.
Comprehensive education goes beyond data protection; it also addresses risks to reputation and business continuity. It is also
important to adopt a zero-trust policy and stay informed about new laws and policies that may influence the organization’s cybersecurity strategy. f urthermore, engaging experts and establishing formal education programs for directors can make a difference in preparedness and response to cyberthreats.
The board of directors must take responsibility for overseeing cybersecurity risks. This entails defining the organization’s risk tolerance and conducting formal annual reviews. Moreover, it is crucial to create and implement practical tests rather than leaving strategies only on paper. This will ensure that the organization is prepared to identify and mitigate risks in an everevolving cyber environment.
SASE: A NEW APPROACH TO NETWOR K SECURITY
With the exponential growth of cloud services and the pervasive use of mobile devices, traditional perimeter-based security models are struggling to keep pace with the evolving threat landscape. In response to this challenge, a new approach called Secure Access Service edge (SASe) has emerged, providing organizations with a unified and scalable security solution delivered as a service.
“SAS e is not the evolution or an update of SD-WAN; it is not about adding a new module. It is a concept of architectural
simplification in terms of network and security,” says José Carlos Herrera, CIS o Central, Sigma Alimentos. “SAS e avoids the complexity of managing and deploying different services. The adoption of SAS e is projected to increase by up to 50% by 2025,” he says.
SAS e combines network security functions with WAN capabilities to support the dynamic secure access needs of organizations. These capabilities are delivered primarily as a service and based upon the entity, real time context and
Co N fere NC e H IGHLIGHTS 29
security/compliance policies. The adoption of SASe raises significant concerns regarding implementation in security architecture, as it differs from traditional network perimeter models, explains elvira Sánchez Chapa, CISo, Transparentia. Thus, it is crucial to carefully consider its implementation to ensure smooth operation and interoperability.
Some experts believe that SASe is more of an architectural concept, and part of the challenge in its implementation lies in the overall task that organizations face today: unifying all the elements, services and platforms they use.
to be comprehensive in protecting data, acknowledging that users’ management of data is an important layer in its protection.
Sánchez recognizes SAS e as a factor that can contribute significantly to the deployment of cybersecurity, continuity and operational assurance strategies. SASe can be identified as a robust backbone for organizations, he adds.
Technology evolution has become closely intertwined with network architecture. “If a strategy is designed around SASe, the entire infrastructure and telecommunications area must be aligned,” says Alejandro Tinoco, CISo, farmacia San Pablo. This design should be developed around the user’s viewpoint and should focus on their experience, adds Tinoco. To achieve this user-centric approach, it is important to first identify and classify critical information and assets. “ failing to take this step could cause the strategy to collapse,” he adds.
f urthermore, the risk posed by users themselves is becoming increasingly evident for organizations. According to Castillo, there are more and more solutions that recognize the need for their offerings
f urthermore, despite the availability of numerous solutions, it remains essential to leverage the traceability of tools used within the organization and understand their usage to classify areas of utmost importance for the SAS e strategy, explai ns Tinoco.
Co N fere NC e H IGHLIGHTS 30
“Currently, remote work, service segmentation, the cloud and other factors raise the central question: how can we securely manage all segmented operations?”
Ramón Castillo Sales Engineering Manager Mexico | Forcepoint
o ne sector where data protection and management are crucial is healthcare. Digital health has experienced significant growth and has further evolved following a customer-centered strategy. Due to the sensitivity of the information, the architecture must have a holistic design at its core, says Gustavo García Arellano, CISo, Christus Muguerza.
to SAS e . The protection and identification of critical data allow for the development of appropriate authentication policies,” says Sánchez.
However, organizations should not consider SAS e as the final solution for data security. “While it facilitates and improves security management, there is an extensive path to implement this strategy that should also be defined from various business areas to determine the most valuable information worth visualizing and monitoring,” says Tinoco.
As operations are dispersed across different platforms, clouds and applications, the risk perimeter has not expanded; it has divided into smaller perimeters, says García. These smaller perimeters also require customizable policies for protection.
The increasing dependence on cloud services is causing complexity but SAS e ’s distributed nature can help to maintain visibility and control over data traffic, says Sánchez. Additionally, should not only monitor access architecture but also include control and visibility over user activities and the data they process. In these circumstances, a Zero Trust strategy can be useful when continuously analyzing and validating user identities.
“A Zero Trust strategy is closely related
To ensure the robustness that SAS e can provide, the protection of connectivity must be guaranteed, and the distributed nature of information across different locations must be considered, adds Herrera. Moreover, the main challenge is no longer just managing different technical teams and support in different locations but also the possibility of these being handled by different companies. These circumstances bring a significant challenge in terms of talent training to address any potential incidents.
Co N fere NC e H IGHLIGHTS 31
“Knowing what information we have and how interoperability areas are configured allows us to understand the capability of our platforms to communicate with each other. If these areas are not identified, it is difficult to determine vulnerability point”
Gustavo García Arellano CISO | Christus Muguerza
www.mexicobusiness.mx
