According to the study Breakthrough conducted by Dell Technologies, although 85% of business leadership in Latin America considers that their human capital is essential for business development, when it comes to cybersecurity, the human factor represents the greatest challenge to successfully implement a security strategy. cybersecurity. And it is that, according to the same report, 55% of those surveyed consider employees as the weakest link in defense strategy against cyberattacks.
Cybersecurity is the guarantee for the sustainability of digital transformation in organizations. Understanding how people respond to the current context of uncertainty, to the constant “stalking” of cybercriminals, when designing organizations’ cybersecurity strategy, was the contribution of the Cybersecurity event: views from DNA, a Think Tank organized by Dell Technologies with the participation of various experts.
In this edition participated Estanislao Bachrach, molecular biologist, consultant in creativity, innovation and biotechnology in private companies and government agencies; Guillermo Garrido, Director of IT Enabling at the Tecnológico de Monterrey; Eddy Fortoul Cavicchioni, VPA of Cybersecurity at Banco General Panamá and Luis Goncalves, president of Dell Technologies Latin America.
Cyber attacks: the great threat in the Data Age
Every 11 seconds, a successful cyber or ransomware attack occurs, while for organizations the average cost per cyber attack can be as high as $13 million. For 84% of IT leaders, preventing data loss from cyberattacks is most challenging in remote work environments, while 70% of enterprise cybersecurity attacks are driven by behavioral failures at the enterprise level. of the end user. And it is that, in the Data Age, the threats of cybercriminals do not give up.
For Estalinao Bachrach, when faced with a state of siege and/or risk, as before the challenges of an organizational change, human groups experience unpleasant emotions that activate at least three types of reactions: sectors that are apathetic to risks and do not The sectors that deny the possibility of being victims of the threats are involved in the changes, and the groups that are committed to actions to repair or transform reality.
“In the data age, cybersecurity attacks on organizations constitute a threat of unprecedented impact that requires managers to develop cultural change that must be planned, with specific goals, with deadlines that can take from 3 to 5 years to show signs of transformation and as long as the company knows how to select the general leadership that brings together the greatest number of wills in the company”, stated Bachrach.
Risk recognition
Strengthening the recognition of personal and corporate risks after a cyber attack is key to providing content to the development of an organizational culture in terms of cybersecurity. In this sense, Eddy Fortoul Cavicchioni is categorical in stating that the effects of a cyberattack not only touch the operational integrity of the business, it violates the integrity and security of critical data for the entire ecosystem of a company (customers, collaborators, suppliers, managers and shareholders) and its reputation in the market.
“It is essential to promote a cybersecurity culture for the recognition and education of the risk factors to which we are exposed. As well as constant education around the best protection practices. I see it as a process similar to what we have adopted with wearing a seatbelt while driving a car. Generations before ours did not even use it, but the perseverance and commitment of society raised awareness of the benefits of this device for our safety behind the wheel. We must promote something similar so that all our collaborators know how to identify a malicious email, for example”.
Given this approach, Guillermo Garrido, takes the personal analogy of the seat belt to what was the adoption of a safety culture in industrial production environments. “We must be aware of the fact that 98% of cybersecurity attacks on organizations stem from internal human error. The key to change in these two referents has been in a strategy of user training, training of all audiences and persistence in communicating the warmth of the new organizational culture. Aware that persistence is long-term, and that it implies the deployment of different pedagogical formulas that encourage, motivate change ”, he affirmed.
