More than one-third of people nowadays have access to a smartphone; they interact with their devices approximately 60 times a day. As such, the demand for connectivity has increased, and so have the risks in the security of such data and information.
The increased use of the cloud has created many positive outcomes in the spread of information and education. However, it has also created new risks and threats, often intentionally coordinated by organized crime groups and terrorists.
The wave of digitalization is such that, by 2025, many of the technological resources of public and private organizations will adopt cloud strategies.
During Liberty Network's LINKS Conference sponsored by Fortinet, we heard from Arturo Torres, FortiGuard Security Strategist. Torres argues that the continuous increase in demand will only exacerbate the challenges in information security. The key, Torres asserts, is how we react to these threats to decrease the impact on businesses and countries alike.
Cyber threats in Latin America are here – and more to come
As much as we normalize the conversation around cybersecurity, hackers, and phishing, very few can truly grasp the severity of the issue.
For example, many countries in Latin America have been significantly affected by the consequences of cyber attacks in recent years. Information security has been highly compromised in some Latin American countries to the extreme of declaring a State of Emergency, impacting businesses and day-to-day lives.
Fortinet has detected 14 billion cyberattack attempts per year in Latin America, including attacks on devices and networks. The most attacked countries in the region are Brazil and Mexico, among other countries with significant digital exposure and broader bandwidths.
The industry has seen an increase from 15% to 24% of successful cyberattacks in Latin America annually. At this rate, Fortinet predicts that by 2026, the total cost of cyberattacks will hit $10 trillion and will include extortion, ransomware, and other cybercrimes.
"Digital acceleration will not stop, but we must understand the responsibility that this carries: if our business handles data, this represents added value for cybercriminals," said Torres. Data carries value that fuels the digital economy, regardless of sector, industry, or geographic region.
Cybersecurity strategies as a requirement to do business
Above all, the concern of information security goes beyond the continuity of business. According to Patricia Manzano, Liberty Networks Country Manager for Colombia, one of the biggest concerns in the industry is the security risks posed on the clients.
"There is a lot of fear. We are talking about the healthcare industry, for example, where regulations are no longer enough," Manzano said. "The regulations only guarantee monetary protection in the case of an attack, but they do not prevent the risks posed on confidentiality," she continued.
Cybersecurity has become an important deal-breaker for companies looking to hire software, AI, and cloud-based services. Clients are prioritizing and looking for servicers that have solid response plans, especially as SaaS companies are facing increasing risks to their servers and networks.
Many companies are now requiring that SaaS and other service contractors pass their cybersecurity tests and provide proof of compliance. These processes, along with insurance policy access and other reassurance strategies, are now included in contracting deals in many industries.
Framework on strategy design from a CISO
According to Felipe Ruiz, CISO of Liberty Latin America, the best action is to be proactive.
The first step to proactivity regarding cybersecurity is to be highly sensitized; to fully accept that security is needed and why.
Secondly, it is crucial that all information security teams and leaders have a clear inventory of their assets and what needs protection (a database of all assets). Be clear on what the critical assets are and processes that need a guarantee of continuity.
Finally, it is important to familiarize yourself with the most common methods of attack on the type of assets you're prioritizing. This will help to set a framework for your response strategy.
"We can never guarantee that something won't happen. Something will always happen. It is a question of what will happen and how we will respond," asserted Ruiz.