It is not digital security in Brazil that needs to evolve, but rather the mentality.
Today we have at our disposal the same technologies used in other countries. What has advanced abroad, but not here, is that companies and institutions no longer have the luxury of thinking that occurrences such as the successive invasions we have observed in companies and government bodies in Brazil are predictable.
It is no longer a question of predicting or not predicting cyber invasions. But about understanding that they will certainly happen.
The question is when.
In Brazil, we still don't understand this. Because our digital security culture needs to mature.
Attacks of the magnitude recorded this month in so many companies and institutions do not happen overnight. They are often prepared months in advance. An efficient monitoring system, strengthened by a solid security culture, would have stopped the threats. And even detected traces of the criminals in the corporate environment.
What prevents the steps of hackers in a company's virtual environment from being detected?
Every cyber security strategy is based on three points: monitoring, detection and response.
Monitoring means observing and watching 24/7, each and every movement within the institution's virtual environment. Thus, any anomalous action, however small, is quickly detected. And it is possible to respond quickly.
In large intrusions, it is common for the cybersecurity team to find, when surveying what went wrong, that the monitoring process was ineffective in figuring out how the incidents started happening. This delay also delays response time.
And the key to protection is speed of response so that the damage can be contained.
Looking at the way cybercriminals operate, they are almost unlikely to be caught. After all, we are talking about specialised attackers and therefore very adept at covering their tracks.
Is digital security in Brazil lagging behind other countries?
The ability of cybercriminals evolves along with technology. On the other side, there is a difficulty in raising the level of maturity in institutions regarding data security posture. We come from a world where many companies saw a division between the physical and digital world. Today that separation no longer exists. But many organisations have not yet made the mentality transition.
What we need, as a matter of urgency, is not to develop the capacity to defend, but to create the perception that when we talk about cyber security, the question is no longer how much it costs to protect, but how much it costs not to protect.
The damage of an attack costs more than the technology to prevent it
When doing the math on how much it costs to implement a good data protection service, some companies find digital security in Brazil too expensive and postpone planning. But only those companies that insist on focusing on the easiest calculation, that which is obvious, which involves simple budgets for antivirus and IT tools, believe that this can be left for later.
In this scenario, the most important thing was left out. We need, first of all, to put on paper the damage of a possible attack, which is much greater than the architecture to prevent it.
Brazil had the highest share of users attacked by phishing scams in the first quarter of 2019, according to international internet security software companies.
And the financial impact of a data breach is not just felt when it happens. The consequences follow in the long term. While an average of 67% of breach costs are realized in the first year, 22% accrue into the second year and 11% go beyond two years after a breach.
No wonder that the value of insurance for data leakage is rising and often does not cover all the damage generated. It is increasingly difficult to make the bill close.
Therefore, it is not digital security in Brazil that needs to evolve. When we think about protection in the virtual environment of companies, we are no longer discussing about simply having a cybersecurity tool. We are talking about acting in a hyperconnected world, in which protection needs to be part of the strategy, ensuring the secrecy of information and facilitating business.
By Allan Costa