Over the past two years, Argentina has experienced cyberattacks in sensitive areas such as Migration and Renaper. Image Pexels
The Organization of American States (OAS) will begin training in Argentina in June through check cybersecurity practices of state agencies. “The program involves working with Argentina’s computer security policy team to review government practices and even the law,” he explains. Kerry-Ann Barrettmanager of the OAS cybersecurity program, at a round table at AWS Summit 2022.
“We are working on an optimization process with Argentina. We did it in Brazil three years ago, then in the Dominican Republic, and now we are offering it to the Argentine government. In addition, we will examine what we call the ‘model of capability maturity in cybersecurity ‘in relation to the Oxford University model ”, he added in a talk in front of journalists and market analysts.
This model is based on the program of the international Global Cybersecurity Training Center at Oxford Martin School, “a leading international research center on efficient cybersecurity capacity building”. They are constantly doing papers and academic research to update knowledge about computer attacks.
Secretary General of the Organization of American States, Luis Almagro. Photo EFE
“We will apply that model to all policies and laws, in addition to to be interviewed all involved and then we will make a report with AWS to private sector organizations. That report is to outline recommendations to take cybersecurity to the next level, ”explains Barrett, consulted by Clarionin connection with joint work to be done in Argentina.
“We hope to be able to travel to Argentina, but we hope for restrictions on Covid. In the Dominican Republic, for example, we did it remotely and we had several virtual meetings that served to meet the goal”, the expert concluded.
The issue is no small for the Argentine Government: in 2020, the National Migration Directorate suffered a cyberattack that leaked 1.8 GB of sensitive data from Argentine citizens. Last year, a user used unauthorized access to the National Registry of Persons (Renaper) and leaked personal data in addition to photos of documents of hundreds of thousands of citizens.
Standardize regional skills, the key
Renaper was hacked last year, leaking sensitive citizen data. Photo Renaper
In addition, the Organization of American States (OAS) explained how it works with relevant states to combat cybercrime.
“In the last three months we’ve had zero trust webinar, is one of our main focuses for the states of America. We are also very attentive to the supply chain of contracted companies, and there zero trust is key: we think of the problem from a technological point of view, but we know that the problem is human ”, explains Barrett.
The expression (in English, “zero trust”) refers to a way of working in which users are assumed to need to be authorized and verified always: even if the employees themselves are considered potential attackers.
This approach, according to another interviewee of the U.S. Chief of Information Security, Chris DeRusha, is the focus of the Biden administration after showing intense concern about the incremental increase in cyberattacks over the past two years.
“People are behind computers, people are launching an attack: so we’re committed to ‘zero trust,'” the OAS expert added, referring to the latest attacks by groups such as Conti, Lockbit and Lapsus, which put governments such as Peru and Costa Rica in control.
In this sense, the specialist explained the “three pillars” on which the OAS cybersecurity policy currently rests.
“Given the international nature of cybercrime, it’s important that all use the same definitions: what was the incident, what was the cyber attack. We need a global consensus. The second important point is how to ensure that different countries have reciprocate the investigations of cybercriminals, ”he explained.
“And the last thing is to define what is meant when we talk about ‘harm’. Because the factors involved in penalties and compensation for attacks ”, the specialist concluded.
Finally, Barrett insisted on those countries must have the position of CISO (Chief Information Security Officer) such as large companies.
These discussions took place at AWS Summit 2022, an annual convention hosted by Amazon Web Services, Amazon’s cloud computing division, in Washington.
There experts and members of various industries and public agencies working on AWS services meet to participate in discussions and present the latest in the field of cloud computing -related products and services.
From Washington DC.
Source: Clarin
