STORY INLINE POST
Q: What added value do you offer clients?
A: Data Warden was founded in 2004 and has always been focused on cybersecurity. In the beginning, we were mostly focused on the financial sector but now we work with more verticals such as telecom and retail. Our services can be divided in three. The first is consulting, where we help companies create a strategy for cybersecurity. They do this with the support of a risk and vulnerability analysis and the identification of a standard or certification they wish to have. The second service we offer is tech architecture and the controls necessary for this strategy. These can be tools such as firewalls for applications, protection for a database or data backup. Our third division manages the security of a company as a third-party administrator. This service is more focused on us identifying and reacting in an opportune manner to threats.
Q: How do you approach cybersecurity strategies?
A: We first align to our client’s objectives; tech comes after. If the client is seeking a channel for transactions or communication with the customer, it has to be dynamic, robust and secure. Our solutions aim to provide maximum availability of their platform, low downtime, limited error incidence and minimization of the surface for cyberattacks. We seek to provide visibility of potential threats and give clients the capacity to react or preferably anticipate threats. This must be applied to every critical part of a client’s operations so they feel safe.
Q: What do you offer in terms of applications?
A: Applications today are not specific to mobile devices or a PC, they have to be accessible through whichever route the customer chooses. While it can be through a web browser, it can also be through messages from a webservice requested through an API. We try to create solutions that ensure that these applications, regardless of how they are used, are performing to their best potential and in a secure manner.
Q: What is your approach to anticipating or preventing cyberattacks?
A: There is no solution that provides 100 percent security. The fact is, when someone wants to attack you, it is not a question of whether they will or not. It is a question of when and what the impact will be. For this reason, companies need to do an analysis of risks. They need to identify and then quantify the impact attacks can have on their business. Once you know that, you can develop company policies, a tech infrastructure and train your employees. There is some risk you cannot mitigate or that would imply too high of a cost. This is called residual risk. Companies will always have to be conscious about this. They can implement security controls and carry out continuous monitoring with the aim of anticipating a threat, which requires the right tools. You need to be able to identify the millions of events that are constantly happening, which constitute an actual threat. This requires automated monitoring, as well as technology like artificial intelligence to maintain a laser focus on critical aspects.
Apart from this, there are several proactive actions a company can take. They can constantly carry out vulnerability analyses and penetration tests. For example, they can do an exercise with three different teams: the red, blue and the white team. The red team carries out the simulated attack on the company from the outside. The blue team is in charge of securing the company and stopping the red team. The white team assesses the procedures taken and the impact, like an internal audit. Through these kinds of activities, companies are taking a different posture against cyberthreats by generating visibility. This is the kind of strategic mentality that will ensure companies are not always playing defense, trying to stop and reduce the impact of attacks.
Q: What needs have emerged due to this pandemic and the move to remote work?
A: We have tried to provide clients with visibility and control of their equipment regardless of whether it is operated inside or outside of the office network. Companies can use different tools to know what is happening on an employee’s equipment. Unfortunately, many companies still do not have basic security controls to secure home-office employees who are using their own equipment. Some basic tools are fundamental, such as a VPN network and a secure mechanism to enter the cloud. In addition, companies need to have strict protocols in place so employees continuously upgrade their antivirus software and firewalls. In addition, they need to regularly update in an adequate manner their passwords. In the past, we used to talk about securing the perimeter of a company network. Now, we speak of securing the identity of users. Digital hygiene, meaning adequate employee behavior, is essential for maintaining cybersecurity.
Q: What is your working relationship with software providers?
A: ISO 27000, which is a standard for cybersecurity, also regulates how we should provide our services. It defines the formation of our portfolio and interaction with providers. We work hand in hand with our commercial partners. In most areas, we have the maximum level of certification provided by them. There is a mechanism through which we have sessions every year, or every quarter, to review our objectives with our providers. This is not the case for every commercial partner but certainly for the large ones.