On May 18, Panda Security will be holding the Panda Security Summit (#PASS2018). The aim of this event is to offer a clear and objective perspective of the current security environment, focusing on the main dimensions on which the sector is now based. Among the speakers taking part is the head of Spain’s National Cryptologic Center (CCN-CERT), Javier Candau, who will be offering his view of the cybersecurity challenge in Spain.
All security dimensions are important for a company, according to Candau, but the confidentiality of certain issues and processes is particularly relevant. According to him, management has to understand that a business is sustained by its systems and the information it generates, so this is a strategic decision, as are vigilance and auditing.
As the head of the CCN-CERT, Javier Candau knows what the keys are for a government in the fight against cyberthreats. These include the implementation of improvements in areas such as detection capabilities, considering cybersecurity as a horizontal service; collaboration between the public and private sectors; the response, which has to be rapid and round-the-clock across all points of the corporate network; and deterrence.
So far, sectors such as the aeronautical industry, the general public, and the defense or energy sectors have been the main targets of complex attacks. In order to face these types of incidents, the CCN-CERT is looking to advance awareness among government authorities and business management, and improve the capacity to detect complex attacks with anomaly detection tools such as CARMEN, which must integrate with tools for correlating the logs of organizations and, essentially, with endpoint tools.
Candau also highlights the work being done to improve the cybersecurity structures of organizations, aiming for some services to be provided horizontally and for technical staff to be adequately qualified through training programs and the provision of technical information on technologies and configurations.
Cooperation with the private sector and challenges in 2018
Large companies are working with the Government to be able to deal with cyberattacks, but for this, it is first necessary to ensure they have confidence, explains Candau, and later, they need to complement and reinforce the security services that the private sector provides them. In this way, the head of the CCN-CERT hopes that companies will at some point share information about the attacks they suffer and their cybersecurity concerns.
The essential cybersecurity challenge for the government this year is to provide much more proactive horizontal services, with the setting up of the Security Operations Center of the Spanish Central Administration. In addition, Candau explains that the Center is working on improving exchange platforms, detection capabilities, auditing capabilities, and training platforms and content.
CCN-CERT’s approach to combating cybercrime against the state culminates with the identification of the origin of the attacker. To this end, and in line with current regulations, the government organization operates in terms of risk/impact and speed of response.
Javier Candau admits that cybercrime has very different complexities. These range from botnets, which are generally easy to detect and disinfect, to organized crime attacks that look for direct financial benefit or the theft of information, passing through complex ransomware of difficult cryptologic analysis.
The head of the CCN-CERT also underlines that the targets set are sufficient to protect the country’s critical infrastructure against cyberattacks, but these systems do not undertake the challenge of protecting operational networks. Candau recognizes that it is no longer acceptable for these not to be interconnected, as businesses need this information, so he advocates coherent security policies and thorough vigilance of interconnections as well as traffic and anomalies in industrial protocols. Security must therefore be applied in all dimensions: physical, cyber and human.
For more information about national cybersecurity, the role played by the CCN-CERT in the major attacks of 2017 and Javier Candau’s view of the challenges for the coming years, come to the Panda Security Summit, where Europe comes together for cybersecurity.