Certified Professionals in Information CybersecurityBy Cinthya Alaniz Salazar | Tue, 02/22/2022 - 09:57
Q: As a cybersecurity company, why did Cero Uno decide to specialize in information security and how does its consulting services differ from its competitors?
A: Cero Uno is one of the few cybersecurity companies that is 100 percent specialized in information security services. Even within this niche market, we are unique given that our consultancy services are substantiated by certified professionals recognized by international authority CompTIA. This is one of our key differentiators and an essential factor in this dynamic and multidisciplinary field that requires expertise in networks, systems, SaaS development and data infrastructure. To keep pace with technological innovation, which has a tendency to become obsolete every two years, constant training, education and recertification is central to our commercial strategy.
Since cybersecurity awareness within Mexico’s business community is very much in its infancy, many organizations think that software or hardware tools are a catch-all solution to cybersecurity threats. This is not the case. In practical terms, Cero Uno has mainly focused on helping clients implement reliable software and hardware solutions that both address their security needs and complement their digital infrastructure. On the consultancy side, we help our clients with the development of processes, methodologies and techniques necessary to respond to malicious intent and, while hopefully never necessary, breaches and reactivation as well.
Q: How should companies prioritize the development of security practices as digitalization continues to expand?
A: The COVID-19 pandemic unquestionably put pressure on companies to add tools that provided them with the mobility and flexibility they needed. It is a transformation that organizations are still grappling with two years into the pandemic.
To respond to this market pressure, the immediate concern for companies should be to build an infrastructure capable of sustaining constant and secure communication between new endpoints. After this has been successfully accomplished, companies should then concern themselves with extending security tools and processes to these endpoints – a difficult undertaking even for companies with more mature security protocols. Beyond this point, companies can then examine more precise infrastructure and accessibility choices, such as micro-segmentation, which implies the intentional division of an organization’s digital infrastructure and controlled accessibility.
This transformation is a learning process for everyone involved and thus represents a great opportunity for Cero Uno and the overall subsector.
Q: Cloud services and other third-party collaborators have given rise to the concept of shared responsibility between enterprises. Can you elaborate on its significance?
A: Cloud service is not a new market tool and yet it remains poorly understood. With many companies equating the service with a false sense of security, it is important to clarify that implementing a hybrid or cloud infrastructure does not mean that information stored on these digital platforms is secure; it requires security mechanisms. As outlined by cloud service providers, information security is a shared responsibility. While cloud services providers are charged with providing a secure infrastructure, clients are responsible for their information within this structure.
Since this is an emerging concept, there is pending dialogue in the development of mechanisms and coordination between both parties, especially with partners that play an essential function for or within the company’s daily operations. Nevertheless, Cero Uno already has tools that clients can use to minimize the risks represented by associations with third-party providers.