Mexico Business Forum 2024: Cybersecurity Recap
By Diego Valverde | Journalist & Industry Analyst
Fri, 04/26/2024 - 13:44
As digitization becomes paramount for businesses in any industry, cybersecurity stands as a priority to safeguard client information and ensure operation continuity in an environment of increasing cyber threats, agreed experts at Mexico Business Forum 2024.
The event kicked off with the presentation of "CyberDome 360°," Total Cyber-Sec's cybersecurity strategy, which highlighted the growing threat posed by ransomware attacks to companies worldwide, with the average financial impact of a data breach estimated at around US$4.54 million. Francisco Sandoval, CEO, Total Cyber-Sec, emphasized the need for proactive and comprehensive solutions to address this threat landscape. As a result, CyberDome 360° offers a comprehensive cybersecurity solution designed to effectively counter ransomware attacks and protect companies from their adverse effects. It includes several layers, from critical asset analysis to early threat detection and immutable backups, offering a holistic defense against constantly evolving cyber risks.
In the context of optimizing cybersecurity investments, Juan Carlos Cortés, Senior Sales Consultant, Netrum, highlighted the importance of quantifying cyber risk for enterprises and proposed the implementation of SITA, a platform designed to revolutionize the understanding and management of cyber risk. SITA offers CISOs a powerful tool for determining appropriate security investments, balancing risk objectives and budgetary needs. The platform addresses risks beyond assets by considering the human factor, evaluating personnel behaviors and internal process failures. In addition, it facilitates the estimation of ROI for each control implemented, promoting its adoption as standard practice in a complex and threatening digital environment.
Panelists from Fairplay, Stori, Minu, UnDostres, and Rankmi highlighted the vulnerability of SMEs and startups in the field of cybersecurity, compared to large companies, due to limitations in resources and capabilities. Mexico leads Latin America in cyberattacks, according to Fortinet, and SMEs represent 99.8% of the targets, according to INEGI. The lack of dedicated teams and adequate resources hinders investment in training, cybersecurity tools, and regulatory compliance. Despite this, Stori's CISO, Omar Herrera, highlighted the ability of SMEs to address cyber threats with proper guidance. Adequate staff training was highlighted as crucial, with an emphasis on management to prevent human error.
Given the increasing complexity of technology stacks, which presents significant security risks, from vulnerabilities due to obsolete software to challenges in the timely implementation of security updates, Rafael Verduzco Vázquez, Co-Founder and CTO, Zenda, noted that the adoption of new technologies can expand the attack surface, especially without a well-defined strategy. Federico Cedillo, CIO and CTO, Financiera Contigo, emphasized the importance of a good architecture to enable effective control. The adoption of approaches such as containers, microservices, and Infrastructure as Code (IaC) offers an efficient strategy to reduce complexity and improve security. Santiago Fuentes, Co-Founder and CEO, Delta Protect, points to the need for an internal technology evolution rather than a purely compliance approach. He expects greater collaboration between service providers to offer integrated solutions that address the specific needs of the Mexican market, thus promoting a more secure and efficient technology ecosystem.
Experts also outlined potential risks and ways to safeguard Mexico's financial ecosystem, which is crucial for economic stability, noting the importance of detecting and preventing cyberattacks and highlighting the continued vulnerability of the interconnected financial sector. The interconnectedness and interdependence of financial institutions and markets can magnify the impact of cybersecurity events by affecting not just one but all institutions at once, jeopardizing the economic stability of countries. However, resistance to change in financial institutions, insufficient resources for stress testing, and the need for international coordination are challenges to overcome. To address this issue, panelists at MBF 2024 outlined several essential steps: adapting regulatory frameworks to address evolving financial and technological risks, identifying weaknesses through stress testing, and reanalyzing the causes of past crises. Constant adaptation of regulatory frameworks is crucial to address emerging risks in financial markets.
As René Agüero, Director, Security Specialization, Splunk, pointed out, cybercriminals are becoming increasingly strategic in their cyberattacks. Proceeds from the ransomware market, valued at US$25 billion annually, are reinvested in developing new attack methods. The proliferation of threats such as APTs exceeds the capabilities of SOCs and monitoring systems. In response to this, the executive offers a comprehensive approach to security, with risk-based authentication as a key element. This approach requires not only advanced technology, but also cybersecurity awareness among staff. However, implementation faces challenges, and the synthesis of human and technological expertise is essential. In Agüero's words, "we need training to prevent alert fatigue."
Also, during MBF 2024, the risk-based vulnerability management approach was highlighted as a critical strategy to address security challenges in the Mexican market. With more than 94 billion cyberattack attempts recorded in Mexico in 2023, the need to adopt strategies that prioritize resilience and effectiveness in risk mitigation has become a business priority. Close collaboration between senior management and the cybersecurity team stands out as crucial to ensure operational continuity, as noted by Erwin Campos, Global CISO, Bimbo. This approach implies a paradigm shift, where priority is given to identifying and mitigating vulnerabilities that represent an imminent risk to the organization. It also highlights the importance of communicating the business impact of vulnerabilities, using a business language understandable to managers, as suggested by Óscar Caballero, Cybersecurity Lead Partner, KPMG Mexico.
Praveen Sengar, Global CEO, ETEK, highlighted the need to adopt a proactive approach toward cybersecurity, emphasizing the importance of effectively mitigating risks and protecting sensitive data. Proactive cybersecurity involves anticipating and preemptively addressing potential cyber risks before they become significant threats. However, the executive noted that this shift is not easy and requires a unified effort, strong leadership, and change management strategies. ETEK proposes a multi-faceted approach that includes asset and threat contextualization, comprehensive IT infrastructure visibility, end-to-end platform coverage, and security awareness and programs for staff. Sengar stresses that this approach not only protects the integrity of the organization, but also strengthens the resilience of the broader ecosystem in which it operates.
On the topic of third-party cybersecurity risk assessments and associated negotiations, the growing strategic reliance of companies on outsourcing was highlighted, leading to cybersecurity vulnerabilities. Cybersecurity experts stressed the need to establish legal frameworks that allow companies to better determine the level of involvement of their suppliers to mitigate risks. Outsourcing was recognized as a vital strategy for companies in various sectors, albeit with cyber risks. Marco Antonio Castilla, CISO, AVIS Mexico, warns that more than 30% of successful cyberattacks come from the supply chain. Jenny Mercado, CISO, Odessa, emphasizes the importance of attending to suppliers, regardless of their size, as they also outsource processes, increasing vulnerability. In response, a comprehensive solution is proposed that includes a thorough assessment of suppliers and the negotiation of robust contractual agreements in cybersecurity. For this, Felipe Absalon, Bayer's Information Security Officer, highlights the close collaboration between the cybersecurity and legal teams to formulate appropriate contractual clauses. In addition, Mercado highlights the need to classify suppliers and make them aware of cybersecurity measures, avoiding excessive technicalities. These actions not only benefit the company, but the entire business ecosystem.
Alejandro Dutto, Director of Security Engineering for Latin America and the Caribbean, Tenable, closed the cybersecurity section of MBF 2024 with a talk on protecting cloud-native applications and identity management. He highlighted the growing importance of taking a proactive approach to cloud security and underscored the need for robust solutions capable of defending against sophisticated cyber threats. Dutto emphasized the critical need to manage identities and access privileges in an ever-expanding environment. He also highlighted the importance of collaboration between security teams and IT departments in implementing effective security measures, as well as the need for comprehensive solutions that address aspects such as infrastructure management as code, compliance and vulnerability scanning. In this context, CNAPP emerges as a cutting-edge security platform designed to protect cloud-native applications and associated infrastructure, offering advanced threat detection and real-time response capabilities.








