He Global Ransomware Report 2023 revealed that 84% of organizations, businesses and government agencies have experienced “one or more cybersecurity breaches” in the past 12 months. Among them, those registered in Latin America and the Caribbean an average of three gaps in the last year.
The data is not surprising at the local level: Argentina suffered a Ransomware cyber attack a week ago where the Lockbit cybercriminal group encrypted the data of a company called Bizland, which manages the discount system in pharmacies for social and prepaid jobs, which left users without systems.
But the case has been one more brick in a wall that grows higher every day: from the case of the National Senate at the beginning of last year, passing through large companies such as OSDE, Artear or Ingenio Ledesma, the list of organizations extorted from this malware (virus) that encrypts data to ask for money in exchange is growing more and more.
In this context, the study of fortinet This is a survey that investigates about 30 countries around the world. The publication places great emphasis on the lack of cyber security skills affecting organizations around the world.
These vacant positions lead, second the numbers where 68% of organizations have faced “additional” cybersecurity risks – from data breaches, phishing and internal theft to ransomware, the publication’s top concern.
In this sense, Fortiguard Labs, the threat laboratory, has found that security intrusions are on the rise: “84% of organizations have experienced one or more cybersecurity intrusions in the last 12 months, compared to 80% of the last year”.
“More organizations have been impacted financially by breaches: Nearly 50% of organizations have experienced breaches that cost them more than $1 million in the past 12 monthswhich represents a 38% increase over last year’s report.
But without a doubt, the biggest concern that companies and governments have is the “skills gap”, i.e., lack of staff: “94% of corporate boards in Latin America and the Caribbean support hiring more security personnel than ITEM [Tecnología de la Información]which underscores the demand for cybersecurity talent,” they explain.
“Cybersecurity continues to be a top priority for boards and there is a call from executives to increase IT security staffing. Plus, technology-focused certifications are highly regarded by employerssince they serve to validate skills ”, they detail.
Also, there is a strong emphasis on how difficult it is for organizations to hire experts on the subject, especially to designate leaders who know how to manage cyber security, cyber security and design an architecture in place to prevent and manage cyber attacks.
In this sense, few organizations have a key position: that of CISOinformation security officer.
The CISO, a key but almost non-existent role
“If I had to explain what a CISO is, I would say that he is by definition the top executive in terms of information security”, he explains when asked by clarion Jaime Chanagá, Fortinet CISO for Latam and the Caribbean.
“However, this role has evolved over the past 20 years ehThey are no longer just technical figures also be a business leader: someone who speaks the language of the company they belong to and who supports initiatives through information security, promoting and protecting and providing more risk mitigation and business resilience“, he adds.
In Argentina there are large organizations such as Banco Galicia or Santander, which have a designated CISO but, for example, at the state level, this position does not exist (as it happens in the United States, for example).
“All the governments of Latin America right now they are aware of the gravity what is going on in this cold war of cyber weapons. If we look at the headlines that have occurred in recent times, we can see that many governments have been attacked throughout Latin America,” he recalls.
Latin America is very little advanced in this respect, but it is not the only region that is lagging behind. “In Latin America less than 1% of public and private sector organizations have a CISO named. But even the ‘Fortune 500’ companies, ie the 500 largest companies in the world in terms of turnover, only half have this position”, specifies the specialist.
As you can see, it’s not necessarily a matter of a lack of resources: “Many times it’s because of lack of awareness at all levels of the organisation.
In this context, the report concludes with a worrying fact: “65% of organizations predicts that the number of cyber attacks will increase over the next 12 monthswhich further aggravates the need to fill crucial positions to help strengthen security positions,” he ruled.
A world that will increasingly need CISOs, but also the efforts of the cybersecurity community to raise user awareness.
Global Ransomware Report 2023
About Global Ransomware Report 2023: “The survey was conducted among 569 cybersecurity leaders spread across 31 countries worldwide, including: Brazil, Mexico, Colombia, Canada, US, UK, France, India and Japan , among others,” explains Fortinet.
Respondents belong “to a wide range of sectors such as manufacturing (29%), technology (19%), transport (12%) and healthcare (11%)”.
You can read it in its entirety at this link.
Linda Price is a tech expert at News Rebeat. With a deep understanding of the latest developments in the world of technology and a passion for innovation, Linda provides insightful and informative coverage of the cutting-edge advancements shaping our world.