Increasingly numerous and sophisticated cyberthreats are nowadays sowing increasing panic among companies and users. The trade reviews Computing and Redes Telecom have therefore organized the First Ransomware Forum (primer Foro Ransomware) with the top cybersecurity experts to guide organizations about how best to safeguard themselves.

Forum speakers spoke about the need for more transparency and collaboration among companies in their cybersecurity dealings, in order to best fend off such attacks as last May’s wannacry episode, mitigating their effects.

GMV, as a benchmark cybersecurity firm, naturally gave its point of view. Javier Osuna García-Malo de Molina, Head of the Consultancy, Security and Processes Division of GMV Secure e-Solutions, took part in the panel discussion “Permanent battle against cybercrime”.

In Javier Osuna’s words “firms are now immersed in a constant process of digital transformation, in so doing radically shaking up their relations with clients, employees, suppliers and the public at large. The takeup of new technologies seeks, among other things, to boost efficiency, increase the customer base, cut the time to market and harness the full benefits of relocation and internationalization, etc. In counterpoint to all these benefits, this transformation also poses risks stemming from international and industrial espionage, cyberterrorism, organized crime, common criminals, former employees, current employees (or subcontracted staff) the disaffected, etc… each one of whom knows how to exploit any loopholes for robbing information or simply wreaking havoc …”

One of the most headline-grabbing ransomware events of recent times was the wannacry attack, even though, in terms of real impact, it ended up as practically a “footnote”. As of today ransomware is a profitable business but it is still the malware low-cost. “The worst is still to come and organizations need to get ready for it” declared Javier Osuna. He adds “an organization’s biggest problem nowadays, just as it was twenty-odd years ago, is ignorance of the assets it possesses, what they are used for and who can use them. The most important factors at the moment are where this information and systems can be accessed from and their importance in business processes. On the other hand, one of the worst things that might happen to any organization is unawareness that its critical infrastructure and systems have been jeopardized or similar blitheness of what moment its systems might fail or could be used for undesired purposes”.

From GMV’s point of view there cannot be a single, one-size-fits-all security strategy for all organizations. Concerns and solutions vary greatly in each case, depending on size, degree of maturity, budgets and the sector they trade in. While we gaze into our crystal ball to see what’s coming, it is crucial to be prepared and have our homework done …

Obviously, anyone whose homework has fallen into arrears should now concentrate their efforts and resources on the most urgent matters, overriding the merely important. An emergency situation is no time for seat-of-the-pants strategies, raising user awareness, stocktaking, identifying responsible parties, determining what assets are used for or making new friends. For those who have done their homework, their concerns and strategies should focus on the hotpoints: cloud protection, adoption of security in the organization’s processes from definition, continuous integration security, mobility strategies and solutions, security hardening and application of Big Data and Artificial Intelligence, optimization of existing resources to bring them into line with regulations, etc….

We at GMV are specialists in offering our customers value-added solutions and services, especially when the problems are new. For us this represents a challenge, a chance to innovate.