Last Friday, we held our first advanced cybersecurity conference, Panda Security Summit 2018, where cyber-resilience was the focal point. Among the audience of over 400 attendees were CISOs and CIOs of large Spanish and European companies. Silva Barrera hosted the event, which served as a framework to look at the latest cybersecurity trends – attacks, and how to protect against them all along the security chain, as well as the overall state of the sector – from the point of view of analysts, public institutions, and private companies.
Cyber-resilience, key in advanced cybersecurity
All of the conferences and workshops enabled attendees to get a clear vision of the cornerstones needed to reach the highest level of security within organizations. The importance of being resilient as far as security is concerned was widely recognised as being a key feature. It is also the leitmotif of Panda Security’s latest report, which was presented at #PASS2018. All of the speakers shared their ideas and experiences of how to prevent attacks, how to get back to the original state after an attack, and how to mitigate the effects of an attack using a good response strategy. The common theme running through all of the strategies analysed was prevention, detection, containment, and response.
The conference was opened by José Sancho, president of Panda Security, who underlined that this wasn’t just another cybersecurity conference. He emphasized that: “We believe we can give a clear, objective view of this complex, hard to understand landscape, with its multitude of technologies, its varied interests, and its messages which aren’t always objective.”
The first speaker of #PASS2018 was Ian McShane, Research Director of Gartner. In his speech, he explained that the challenge for 2019 is to reinforce prevention, especially in endpoint protection strategy. “The endpoint needs something more than an antivirus; endpoint detection and response (EDR) technologies are the key, as they offer a traceability which is indispensable for analysis and prevention. But these technologies aren’t going to replace humans; we still need analysts,” he explained.
Javier Candau, head of the National Cryptologic Centre (CNN-CERT) focused on the challenge of cybersecurity in Spain. He indicated that one of the main challenges facing the country in this area is the need to strengthen the National Security Framework (Esquema Nacional de Seguridad – ENS) certifications, which are mandatory for all mid to high level information systems. “Our incident management tool is registering more and more cases: businesses and institutions are becoming less and less reluctant to report cases,” added Candau.
Nikolaos Tsouroulas, Head of Cybersecurity Product Management at ElevenPaths in Telefónica explained that “technology is necessary, but people are even more important. Security professionals are the most valuable investment in this area.” Tsouroulas also stated that today’s threats mutate, evolve, and multiply extremely quickly. This means that managed detection and response (MDR) must opt for factors such as prioritizing endpoints and networks, data exchange, and real-time performance.
The conference continued with the participation of Nicola Esposito, Director of Deloitte’s CyberSOC EMEA Center, who explained that protection against advanced cyberthreats is a key factor for the company. “Nevertheless,” he went on to say, “It’s vital for companies to have a strategy so that they can be resilient in case something happens.” Esposito also highlighted factors such as the application of threat intelligence platforms, the creation of threat detection controls, and perimeter monitoring with automated alerts, but always with a fundamental role played by humans.
Finally, the director of the laboratory PandaLabs, Pedro Uría, put forth the keys for business security, protection and resilience, now that malware is no longer the problem. Instead, hackers are the future challenge of cybersecurity, as they use more complex methods. “New attacks, like those that don’t use malware, are the target of threat hunting services, such as those offered by the Panda Adaptive Defense platform,” explained Uría.
Panda Security Report: cyber-resilience and companies
The report ‘Cyber-resilience: the key to business security’ conveys the fact that the increase in the volume and severity of cyber-incidents detected by the majority of companies (64% and 65% respectively) has meant an increase in detection and response times in 57% of cases.
In light of this complex situation, Panda explains that cybersecurity must be understood as a corporate risk management problem. This means that companies must continually review and adjust their security organization, processes, technologies, tools, and services, in order to adapt to the evolution of threats in a process based on distrust.
The report from the advanced cybersecurity company also identifies companies that can count on robust cyberattack prevention (72%), detection (68%), containment (61%), and response (67%) systems as highly cyber-resilient. Likewise, companies that have set up a Computer Security Incident Response Plan (CSIRP) have experts who are specialised in their application (91%), and are led by directors who understand that a high level of cyber-resilience is directly related to economic growth (63%) and the company’s reputation (69%).
Do you want your company to be cyber-resilient? At Panda Security we have at our disposal the latest technology as well as the most highly skilled team of experts to help your company to prevent cyberattacks and to adapt after any kind of security incident.