Mexican companies are vulnerable in cybersecurity for not making investments

Recently Publimetro has revealed a series of hacks, leaks and cyber attacks – such as the case #ChilangoLeaks– which have affected millions of internet users in Mexico. Although in many cases the authorities have remained silent on the matter, the reality is that the country still has a lot to improve on issues such as a culture of prevention and direct care.

In this regard, Publimetro spoke with Antonio García Romero, CEO of Teldat, one of the cybersecurity companies with the greatest presence in the country. To show a button: Teldat -of Spanish origin- is a company whose mission is to provide companies with valuable solutions for access to the cloud, remote communications in offices, cybersecurity and voice/data connectivity both in the office and in specific environments, whether industrial, railway, vehicular or public services.

With a strong avant-garde vocation, Teldat invests heavily in research, development and innovation, using highly innovative and sophisticated technologies such as network virtualization, artificial intelligence, Federated Learning, 5G and DLT in the design and development of its solutions.

García Romero remembers that the population faced a paradigm shift driven by pandemicwhich has led to a significant increase in telecommuting and connectivity from home.

This change, while offering additional conveniences to users, also opens new doors to users. cyber attackers. From unsecured connections to vulnerable home devices, the risk of infiltration y data theft has increased significantly.

In this sense, García Romero emphasized the need for a continuous renewal in terms of cybersecurity. He stressed that organizations must be aware of their threat vectors and allocate adequate budgets to address these concerns.

In addition, he highlighted the importance of active protection, using technological tools such as DLP and CASB to control and protect the confidential information.

When discussing the types of information most susceptible to theft and the most common attack methods in Mexico, García Romero identified three blocks main: economic, intellectual property y geopolitical. From purely financially motivated attacks to intrusions aimed at obtaining trade secrets or political influence, the spectrum of threats is broad and diverse.

However, he noted that awareness of cybersecurity It must start at the individual level. He highlighted the importance of understanding the value of one’s data and taking proactive steps to protect it, from simple measures such as covering cameras to investments in advanced security technologies.

Questions and answers with:

Antonio Garcia Romero, CEO of Teldat

How do you see Mexico on the issue of cybersecurity? What needs to be done so that hacks and leaks are not so frequent?

– What is happening a little is that society is changing, in the sense that – due to the issue of the pandemic – many organizations no longer force workers to come to the office, they are applying teleworking policies. These employees connect through laptop PCs with residential lines, even using their partner’s PC or a game console, which often do not have a state-of-the-art firewall. In the end, they continue to connect to critical applications within organizations and handle sensitive information.

And not only that, but within the homes themselves. For example, on my last trip to Mexico City, in one of the houses where I was invited to dinner, they had a lot of devices related to home automation, such as smart cars. They were talking about sensorization, for example, to regulate the hot water in the pool. All of these devices were connected to a central platform that was also susceptible to hacking.

So, new technologies allow new conveniences for users, but at the same time they carry greater risks from a cyber point of view.

We, in Mexico specifically, work with an environment in which 70% of current banks trust our technology. We have clients such as Banorte, Banjército, HSBC, Santander and Bancomer, and in many of these cases we not only provide them with connectivity, but also the cybersecurity part. I could tell you that all of those clients are now ahead of the curve from an attack standpoint.

The thing is that it requires continuous renewal, that is, you cannot invest in a technology today and expect it to continue to be effective in one, two or three years. Criminal organizations are structured with a CEO and an R&D department, just like any private company. Therefore, they are constantly recycling and inventing new attacks.

What should companies be doing in terms of cybersecurity?

— The first thing of all is to be aware that they have a threat vector. And being aware is not enough, but they must allocate a budget from the balance sheet – within the CISO (Chief Information Security Officer) of the organization – to be able to take charge of these possible threats.

Protection that cannot be passive. Sensitive information, that is, data protection, is protected with DLP (Data Loss Prevention) themes, which aim to control sensitive information that could circulate within the organization. To do this, there are technological tools such as CASB (Cloud Access Security Broker) that prevent people from transferring payroll or confidential employee data, and that control access to all that information. So, it is necessary to provide awareness and a budget.

Obviously, this budget must be put into practice with investments within the company or within the users themselves. But we are talking about large multinationals and also small companies. Here I have known a small dental practice, for example, with two or three dentists and a limited number of patients, where they had encrypted the database and were asking for a ransom to be able to decrypt it. So, in the end, it is something that cuts across all industries and the only way to protect yourself from these attacks is by raising awareness and investing in new technologies.

What type of information is most susceptible to being stolen from companies in Mexico and what is the most common form of attacks in the country?

—If I had to venture to classify, as a good engineer, I would say that there are three large blocks. The first of all, which is the one we know the most, is everything related to something that seeks an economic impact. That is, I want to carry out an attack on your organization, on you as a person or on any type of machine, and I want to obtain an economic return. This can range from simply locking you out of all ATMs so users cannot access their money, to blackmail with confidential information that threatens to be published if a ransom is not made. In short, they pursue only economic benefit.

The second block is everything related to intellectual property. I, as a company, want access to your R&D or classified information to use it in the development of my own business or to auction it to interested third parties. A typical example would be the technology of future graphene batteries, where whoever holds the key to their manufacturing has a significant advantage in the market.

The third block is everything related to geopolitics. A concrete example is when the US government invaded the Iraq War and focused its efforts on disabling nuclear infrastructure.

Also, in Mexico, Spain, and Latin America, there are cases of information that can be harmful to a political candidate, or to public safety, such as leaving entire neighborhoods without electrical connectivity and increasing the number of robberies. In short, it is about protecting critical infrastructure and sensitive information within governments, which can also be susceptible to attacks.

Once we understand what the cyber attacker’s goal is, whether it’s money, intellectual property, or something strategic, we can protect those assets in the most appropriate way.

Many times we think from “How am I going to be a victim of attacks?” or even “It’s not going to happen to me” and many times, because you think that way, sometimes you don’t invest.

—We are not aware of this, are we? We always think that the information we have access to may not be interesting to anyone else. Who would want to see my payroll or my family photos? But if you manipulate that information maliciously and make it public, imagine election campaigns like the famous Cambridge Analytica case. There was access to information about the tastes and behaviors of users, and based on that the voter profile was calculated to send personalized advertising messages, with the aim of influencing the outcome of the elections and potentially determining who would be the future president. of the government.

Then, that information that seemed trivial, such as favorite soccer team, family photos or payroll, turns out to be of great importance on a global scale.

What message would you like to give to the general public and companies in the country?

— The cybersecurity message must come from the individuals themselves. We need to be aware of the value of our data and how to protect ourselves, even as we enjoy the conveniences of technology. For example, a smart television that connects to the Internet and downloads applications, and that also has a camera for video calls, is also susceptible to being hacked and that information being accessed. Therefore, we should all be aware that we are eventually susceptible to being hacked and take appropriate measures to protect ourselves.

These measures can be as simple as putting a stamp on the camera, something I see many times in the R&D department. At more advanced levels, it means having a next-generation firewall with artificial intelligence capabilities. We must seek the appropriate balance in cybersecurity, and follow the TTPs (techniques, tactics and procedures), considering the risk versus weighing the value of our information.

It is important that this awareness of cybersecurity extends from the individual to organizations, governments and operators. For example, when a carrier provides connectivity, it must ensure that it is secure so that users can trust that their information will be transmitted appropriately.

At Teldat, we can help companies, organizations and small and medium-sized businesses that do not want to spend a large budget on cybersecurity, but want to feel protected. We can provide solutions that act as a barrier to entry to cyber attacks, even with a modest budget.

I like to use the example of the storage room where my bicycle was stolen. There were 20 storage rooms together, but they only entered 10, including mine. Why didn’t they enter the other 10? Because they had a special lock and an additional barrier. Like a thief, a cyber attacker looks for the easiest route. If you put deterrents on him, such as a double lock or a deterrent light, he is less likely to attack. This can transfer the risk to the neighbor, which may not be supportive, but also applies in the world of cybersecurity.