What do companies like X, T-Mobile, Paypal, Duolingo and Microsoft have in common? They were all victims of cyber attacks in 2023, the year in which 1 in 10 organizations worldwide were the target of attempted ransomware attacks, a 33% increase on the previous year, according to research by Check Point.
The sophistication and volume of digital offenses has put Brazil on red alert. The country is the second most vulnerable to hacker attacks, according to Trend Micro, a cybersecurity solutions company. Behind only the United States, Brazil had billions of threats blocked in the first half of 2023.
Against this backdrop, we interviewed Inteli professors Rodolfo Goya and Victor Hayashi to better understand the challenges and strategies needed to strengthen cybersecurity in organizations.
Cybersecurity must be a strategic priority
As the digital transformation advances, impacting companies of all sizes and sectors, the importance of adapting to this new scenario becomes clear. The digitization and automation of processes not only increase operational efficiency, ensuring greater competitiveness, but also expose organizations to new risks, such as fraud and cyber attacks.
It is essential that, in this transition process, the protection of data and systems is prioritized. The adoption of robust cybersecurity practices must be seen as a strategic component, ensuring that technological innovation is accompanied by the security needed to mitigate the risks associated with the digital environment.
Cybersecurity challenges
The Global Threat Report 2024 by CrowdStrike highlights a cybersecurity landscape in 2023 marked by sophisticated and diverse attacks. Ransomware and data extortion were predominant methods, with a significant increase in the number of victims listed on websites dedicated to leaks.
The research shows growing concern about attacks that exploit supply chains and third-party relationships, as well as the abuse of end-of-life (EOL) products to avoid detection. Exploiting vulnerabilities in peripheral network devices was a common tactic, reflecting a shift in attack techniques to avoid detection by traditional security tools.
Rodolfo stresses that companies need to be aware of the challenges and adopt proactive and layered approaches to protect their digital assets and mitigate cyber security risks. "It is also essential to develop a corporate culture of security and keep technical staff technologically up-to-date," he adds.
Paths to the Future
Defense strategies include the adoption of emerging technologies. Victor emphasizes the crucial role of artificial intelligence and machine learning, which are "transforming cybersecurity by enabling faster and more accurate responses to threats".
Security in cloud/edge computing and IoT, and the pressing need for secure cryptography in the face of advances in quantum computing represent essential frontiers in data protection.
Another important point is the creation of a safety culture, which must start with making employees aware of the risks and adopting practices. "Leaders should be the main promoters of this culture, encouraging an integrated security approach and open communication about incidents," Rodolfo stresses.
Tips for small businesses
Small and medium-sized companies that are starting to invest in cybersecurity need to periodically reassess the prioritization of measures to control the company's level of security. "The natural tendency is to put cybersecurity on the back burner in relation to business initiatives and even consider cybersecurity as a cost, which is a big mistake for companies of any size," warns Victor.
Another important point is to establish clear and comprehensive security policies to guide employee behavior and define the company's security practices. "This can include policies on acceptable Internet use, access to systems and mobile devices, among others," explains Rodolfo.
Training Leaders in Cybersecurity
To meet the ever-evolving challenges of cybersecurity, it is crucial to master a variety of knowledge, from applied technology to awareness about adopting safe practices. "Inteli is at the forefront of this scenario, offering a teaching approach centered on Technology and Leadership, enabling students to confidently lead the complex tasks required to ensure effective cybersecurity," says Professor Rodolfo.
With a comprehensive curriculum that integrates specific security content from the undergraduate level, and the development of an ongoing postgraduate program in cybersecurity, Inteli remains committed to providing our students with the skills and knowledge they need to excel in this crucial and constantly evolving field.
