Cybersecurity Needs to Be a Comprehensive Business Concern

Q: What is Brier & Thorn’s view of the cybersecurity performance of the Mexican market over the past year?
A: We observed an interesting landscape in the Mexican and Latin American market in terms of cybersecurity over the past year. We experienced a significant increase in ransomware incidents, reflecting worrying indicators about the state of cybersecurity. The region’s strong cultural preferences continue to favor reactivity rather than prevention, profoundly affecting all economic sectors. This approach has led many organizations to implement measures only after suffering incidents, leaving those that have not been compromised or have not detected compromises in a vulnerable position due to the lack of adequate preventive investment.

Mexico is an attractive target for attackers – it is the second most attacked country in Latin America. Cybersecurity awareness is growing, however, in part driven by several recent incidents. But the country still faces a challenge in integrating cybersecurity as a comprehensive business concern. 

Q: How does Brier & Thorn’s managed detection and response (MDR) service align with the specific needs of the Mexican market? 
A: We have adopted a holistic approach to cybersecurity that encompasses three main areas: preventive, defensive, and offensive. The preventive area emphasizes awareness and compliance. It integrates practices to ensure that cybersecurity is an integral part of business operations, while complying with international standards and providing a robust framework to ensure information security. The defensive area conducts mock attacks to evaluate the effectiveness of the defenses in place and identify potential vulnerabilities. Our security operations center (SOC) operates 24/7, actively monitoring enterprise networks to detect and respond quickly to threats. 

Decision-makers in Mexico are showing a growing interest in ISO certifications and emerging technologies. The adoption of technologies such as end-device protection (EDR) and continuous network monitoring is still at an early stage, which highlights significant areas of opportunity to improve cybersecurity in the country.

Q: How have Brier & Thorn’s proactive defense and tailored cybersecurity solutions benefited companies in Mexico? 
A: We recently worked with a company that had integrated numerous APIs without a thorough security assessment, which created significant vulnerabilities in its infrastructure. We performed a specific penetration test on the APIs, revealing multiple vulnerabilities that could have compromised the company’s security. We worked in phases, not only addressing the technical aspects, but also improving its operational processes to ensure a secure implementation of technologies. This included implementing appropriate technology controls and a robust detection strategy, considering the complexity of managing more than 80 APIs effectively.

This case illustrates how cybersecurity goes beyond technology, becoming a business culture that must be integrated, from operations to strategic development. It is a clear example of how solutions must not only identify and resolve technical vulnerabilities, but also strengthen the security and responsiveness of organizations in the face of increasingly sophisticated threats.

Q: How is Brier & Thorn promoting the inclusion of female leaders in strategic roles within the company? 
A: Our founder, a US hacker and member of the LGBT+ community, established a clear commitment to equal opportunity from the company's inception. We actively promote the inclusion and development of female leaders in strategic roles within our company. This commitment is rooted in our organizational culture, which celebrates diversity and talent regardless of gender, with more than 50% of our management positions held by women.

We collaborate with local organizations, such as Tijuana Innovadora, to raise awareness and provide essential resources. This includes promoting courses, certifications, and educational opportunities in technology and cybersecurity. By making these resources accessible, we are cultivating a more inclusive and diverse environment throughout the industry.

I am part of initiatives such as WOMCY , which focuses on empowering women and girls in cybersecurity from a young age. It is crucial to act from the formative stages to close the industry’s gender gap, ensuring that women see cybersecurity as a viable option from a young age. 

Q: How is Brier & Thorn adapting its cybersecurity services to meet the specific needs of companies moving their operations to the region due to nearshoring? 
A: We tailor our cybersecurity services to offer dedicated solutions. Our services include the assignment of specialized cybersecurity engineers, both for specific periods and for the particular operational needs of companies moving their operations to the region. We also offer vendor assessments, risk analysis, and tailored awareness programs, educating boards of directors and other stakeholders on security best practices.

Q: How is Brier & Thorn using AI to not only defend its customers against these threats, but also to proactively anticipate and mitigate potential security breaches?
A: We use AI in this regard. We recognize that AI is critical in optimizing and automating the vast amount of data we handle, as it allows us to contextualize information, detect patterns, and correlate data efficiently. This helps us to be more accurate and effective in detecting threats, helping our analysts to make faster and more informed decisions in protecting our customers.

AI not only enhances our incident response capabilities, but also plays a crucial role in early identification of vulnerabilities and continuous adaptation of our cybersecurity strategies. While we recognize the challenges and risks associated with AI, we believe that its proper integration into our operations strengthens our ability to address emerging threats in an increasingly complex and dynamic digital environment.

Q: What are Brier & Thorn's plans to expand its presence and service portfolio in key regions of Mexico? 
A: We are focusing primarily on expanding our geographic presence and service portfolio. We recently launched a new look and feel that reflects our adaptation to market needs, showcasing our specialized cloud solutions and proactive response to cyberthreats. 

We are also excited to participate in the Partnering in Business with Germany initiative, a collaboration between the Mexican Ministry of Economy and the German Ministry of Climate Action and Economy. This collaboration seeks to strengthen economic and technological ties between the two countries. It will allow us to explore new technologies and legislation, while anticipating how these trends may influence the Mexican market in the long term.