IMPACT REPORT
The rapid transition to the digital world caused by the pandemic has allowed cybercriminals to take advantage of companies’ security gaps, putting both businesses and clients at risk. In addition, criminals are exploiting inherent human behaviors to gain entry to business networks, while self-learning and increasingly sophisticated cybersecurity threats are forcing experts to reconceptualize security controls in consideration of known industry vulnerabilities and operational fluidity. These sensitivities have created a need for niche industry solutions that led to the proliferation of specialized cybersecurity services and solutions.

The booming cybersecurity field is now considered a fixed business expense regardless of industry or size. This seismic shift has had a direct impact on the role of company CIOs and CISOs, whose role has significantly expanded beyond their traditionally isolated information technology oversight and management role. The redirection of CIOs and CISOs’ responsibilities toward service and analysis speaks to risks and opportunities of a digital-first economy born from the limitations of the COVID-19 pandemic.

During Mexico Cybersecurity Summit 2022, industry leaders highlighted the importance of cybersecurity in consideration of such volatile digital architectures. Divergences in composition have created new cybersecurity needs that have yet to mature and stand to benefit from retroactive feedback between clients and experts. As the premier event of Mexico’s emerging cybersecurity sector, Mexico Cybersecurity Summit 2022 provided an ideal space for key decision-makers to share their perspective and build a discussion around the latest trends affecting all industries and sectors of the Mexican economy.
Conference Impact

• 89 companies
• 278 conference participants
• 40 speakers
• 6 sponsors
• 1,104 visitors to the conference website

Breakdown by job title

• 25% Manager
• 21% VP / Director
• 16% Executive / Engineer
• 14% CISO / CTO
• 9% Head of Cybersecurity
• 8% CIO
• 7% CEO / General Director / Founder

Pre-conference social media impact

• 5,436 direct pre-conference LinkedIn impressions
• 2.835% pre-conference click through rate
• 15.42% pre-conference engagement rate

Conference social media impact

• 3,774 direct impressions during MCS
• 3.958% click through rate during MCS
• 56.59% conference engagement rate
Mexico’s leading B2B conference organizer introduces the world’s leading event networking platform. Delivering intent-based matchmaking powered by Artificial Intelligence that connects the right people. Network, no matter where you are.
• 129 participants
• 236 matchmaking communications
• 22 1:1 meetings conducted

Matchmaking intentions (total: 1,451)

• 994 Trading
• 291 Networking
• 114 Recruitment
• 52 Investment
Company Attendance

• A3Sec
• ACCIONA
• AES MCAC
• Akza Advisors
• AMCHAM
• AMEXICOM
• Arista Technologies
• Astrazeneca
• Atlas Copco Mexicana
• BANYAX
• Betterware
• BIVA
• Brella Ltd
• CBRE
• Cisco ThousandEyes
• Coca Cola FEMSA
• Comercial city fresko
• Crowdstrike
• CyberIIoT
• Cybolt
• Darktrace
• DIGIX
• Disc IT Business Solutions
• DLC CORPORATIVO
• DuPont
• EASYSEC
• EGlobal
• ENEL GREEN POWER
• Enermex
• Etek international
• Femsa
• Fibra Uno
• Flink
• GE
• General Motors
• GMX Seguros
• Grupo Aeroportuario del Pacifico
• Grupo Akron
• Grupo Autocom
• Grupo Bimbo
• Grupo La Moderna
• Grupo Salinas / Totalsec
• HCL Technologies
• HDI Seguros
• Huawei Mexico
• ICA Fluor
• ICE, Israel Cybersecurity Enterprise
• INEEL
• Instituto Tecnológico de Veracruz
• Inter
• Invex
• Israel Commercial Office in Mexico
• IVEMSA
• Kaspersky
• Klustera
• KPMG MX
• Laboratorios Sanfer
• Latino Seguros
• Majorel
• Mandiant
• Mexico View
• Mexico Business
• Microsoft
• minu
• MITEC
• Molinos del Fenix, S.A de C.V.
• NautechMX
• Netskope
• NEUBOX
• Nyx technology
• Pizarro Suárez & Bandala Abogados
• PROSA
• Protectia
• Santander
• Scotiabank
• Shell & Quaker State México
• Siemens
• Tanium
• TCS México
• Telefónica México
• Terumo Latin America Corp
• TEST
• Tokio Marine Mexico
• u-Storage
• Utilities
• Von Wobeser y Sierra, S.C.
• Womcy
• X Design
• Zacsoft
• Zenda.la
Program Day 1

09:00
ADAPTING CYBERSECURITY THREATS
Moderator: Carlos Alanis, Banyax
Panelists: Luis Padilla, Crowdstrike; Felipe García Vivanco, Scotiabank; Alessandro García Álvarez, Tanium; Gustavo Adolfo García Arellano, Christus Muguerza

10:00
THE EVOLUTION OF DIGITAL INFRASTRUCTURES
Moderator: Erika Sánchez, ANUIES - TIC
Panelists: Julia Urbina, CyberIIot; Brenda Zetina, Datadog; Manuel Diaz, Huawei Technologies Mexico

11:00
NETWORKING OPPORTUNITY

12:00
FINTECH & BANKING CYBERSECURITY VULNERABILITIES
Moderator: José Andrés Chávez, Bayonet
Panelists: Jorge Lozano, Mandiant; Valther Galván, Prosa

13:00
INDUSTRIAL CYBERSECURITY
Moderator: Vanessa Padua, Microsoft and WOMCY
Panelists: Patricia Fragoso Soto, Volkswagen Mexico; Alexandro Fernández, Coca-Cola FEMSA; Oscar Jaramillo, Enermex; Juan Gálvez, BIVA

14:00
NETWORKING OPPORTUNITY

15:00
UNIQUE SECURITY CHALLENGES IN THE CLOUD
Moderator: Juan Carlos Carrillo, PwC
Panelists: Arnulfo Espinosa Domínguez, IMEF, ARES and ISACA; Óscar Octavio Salgado Álvarez, AMIS; Francisco Carlos Martínez, Santander; Lorena Bravo, Oracle
Program Day 2

09:00
CIO’S (CISO’S) & CYBERSECURITY
Moderator: Erik Moreno, Minsait
Panelists: Elvira Sánchez, DHL; Heriberto Landetta, GM México; Antonio Saracho, Grupo Coppel

10:00
ATTRACTING AND DEVELOPING CYBERSECURITY TALENT
Moderator: Aimed Pimentel, WOMCY Mexico
Panelists: Jenny Mercado, Betterware Mexico; José Arriaga, Tokio Marine; Valther Galván, Prosa

11:00
NETWORKING OPPORTUNITY

12:30
HUMAN BEHAVIOR’S ROLE IN SECURITY BREACHES
Moderator: Elizabeth Jáuregui, Ericsson
Panelists: Bismarck Animas, FEMSA; Erwin Campos, Bimbo; Miguel Porfirio Camacho, AMIS

13:30
NETWORKING OPPORTUNITY

15:00
AI & ML: DOUBLE EDGED SWORDS
Moderator: Israel Gutiérrez, A3Sec
Panelists: Alfredo Sastre Barraza, CSOFTMTY; David Casillas, Nyx Technology and Pixframe Studios; Daniela Hernández, AMEXICOM; Pablo Carrillo, Darktrace

16:00
ISRAEL: NEWEST PARTNER IN MEXICO’S CYBERSECURITY ECOSYSTEM
Speaker: Sneer Rozenfled, Cyber 7 and Cyber 2.0
Conference Highlights

EVOLVING CYBERSECURITY THREATS CALL FOR A RETURN TO BASICS

The digital transformation changed the playing field for cybercriminals, prompting them to adapt their strategies to navigate and exploit vulnerabilities. These interminable and increasingly sophisticated cybersecurity threats have forced companies to return to cybersecurity basics, reconsider security priorities and foment organizational communication, according to industry experts.

“After the pandemic, the range of attack extended due to home office schemes and the migration to the cloud. The challenge is to adjust our security position in this new reality,” said Luis Padilla, Manager Mexico, Crowdstrike.

“After the pandemic, the range of attack extended due to home office schemes and the migration to the cloud. The challenge is to adjust our security position in this new reality”
Luis Padilla Country Manager Mexico | Crowdstrike

The limitations imposed by the COVID-19 pandemic left companies with little recourse other than to adopt and implement new technologies, often without the usual strategic and security preparation. The accelerated migration towards cloud and edge computing services effectively erased the infrastructure limitations that companies were used to monitoring, thereby inadvertently creating risk opportunities for cybercriminals to exploit. The shifting nature of digital infrastructures has therefore “changed the security objectives that companies should consider when formulating security controls,” said Felipe Garcia, CISO, Scotiabank. Consequently, companies should understand that security controls will need to continuously adapt in response to evolving cybersecurity threats. This requires an unrelenting learning and adaptation process to lead the charge against cybersecurity threats.

To do so, companies need to be fully cognizant of their digital infrastructure, a callback to a cybersecurity fundamental: infrastructure audits. The traditional security protocols have become outdated in part because digital infrastructures have changed, effectively compromising the visibility companies need to protect against cybersecurity threats. This recomposition has not only introduced new access points, it has also changed internal organizational and consumer-facing processes. This reorientation has introduced a new layer of complexity that has made previous organization security protocols obsolete.

In response, companies were obligated to take a step back and conduct inventory audits to achieve the “full spectrum visibility they needed to identify gaps and update security protocols accordingly,” said Alessandro Garcia Álvarez, Technical Solutions Director, Tanium. The added element of organizational process has introduced a new element to cybersecurity coordination, which has led to more holistic security controls and protocols.

Cybercriminals have reacted in turn, adapting their tools to reflect a new digital reality, consequently “forcing cybersecurity professionals to reassess their understanding of how these threats function,” said Gustavo Garcia Arellano, Chief Information Security Officer, Christus Muguerza. Furthermore, cyberthreats have become increasingly sophisticated, learning to appear and mimic the appearance of professional services that are particularly hard for non-specialists to identify. This points to a growing trend among cybercriminals to target end users, which in turn requires companies to implement awareness and education campaigns, said Garcia Álvarez. Compounding this concern are the known investments cybercriminals have been allocating toward AI and robotics to augment the apparent legitimacy of disguised security threats. More troubling yet, this is only one application of the many that have extrapolated from adversarial AI.

Another preoccupation for cybersecurity professionals concerns the apparent independent mutation of malware enabled by artificial intelligence and machine learning. Malware now presents the ability to hide its identity in the face of detection efforts, in turn forcing security experts to double their efforts towards the identification of system anomalies, said Garcia Álvarez. An added aspect of this ability implies that this threat is able to wait, embedded within a system, and activate when it seems most opportune. This is forcing security experts to keep records of all retrospective analyses so that, if necessary, when a threat is flagged by the cybersecurity community, experts know exactly where in their infrastructure to check for dormant threats in their system. This is a saliently important ability considering the norm of disaggregated digital infrastructures.

To augment the effectiveness of threat campaigns, cybercriminals have also begun to deviate from their modus operandi concerning their strategic approach to entry. Most recently, experts have observed the fragmentation of threats, which are capable of bypassing security checks as individual components and then rejoining once inside the digital infrastructure. This challenge was resolved with the register of individual components of a greater threat, information that was shared with a larger cybersecurity community.
THE SAFE EVOLUTION OF DIGITAL INFRASTRUCTURES REQUIRES EDUCATION

Companies have moved away from singular on-premise networks, as evidenced by increasingly disaggregated digital infrastructures that use multi-cloud and edge deployments. This evolution is only starting, with digital infrastructures responding and adapting to the introduction of new technologies and cybersecurity protocols. This growing digitalization will open businesses to more complex cybersecurity threats, which will only be mitigated through new and innovative security strategies.

“Companies can base their risk assessment through a NIST Cybersecurity Framework, which has five core functions; identification, protection, detection, response and recovery, and can be used from SMEs to governments to analyze their tangible and non-tangible assets under one profile”
Julia Urbina CISO | CyberIIot

After the COVID-19 pandemic, 47 percent of IT decision makers said their organizations had accelerated their digital transformation initiatives, while 60 percent said the pandemic forced them to revisit and revise their IT strategy, according to the results of the Equinix 2020-21 Global Tech Trends Survey (GTTS).

There are five main risks that can arise when evolving the digital infrastructure. “The first one arises when companies try to digitize what is not digitizable or should not be digitalized. The second one comes as a result of an accelerated process that skips tools and processes for this digitization. The third is an inadequate integration, the fourth is the acquisition of products that do not necessarily benefit the environment and the last one is failing to comply with privacy and security regulations,” said Julia Urbina, CISO, CyberIIot.

The right processes for a digital infrastructure evolution enable organizations to adapt to technology trends dynamically so that when the need arises, they can rapidly assemble and reassemble the right building blocks and resources. In many ways, the ability to interconnect with partner and customer ecosystems is key to helping organizations realize the true value of their digital infrastructures.

“Companies have now realized the value of cybersecurity and how they use it to evolve their organizations and achieve business continuity in a better way than they could achieve it without tech. Now, the IT team reports to the Security team and not the other way around. This is already bringing benefits to companies and final users,” said Brenda Zetina, Territory Director, Datadog.

This transition needs integrated planning to be organized. All facets of the business, such as customer service, HR, IT, sales and management, must work together to review their current systems and the data generated as part of their daily operations, explained Manuel Diaz, Director of Cybersecurity and Privacy Protection, Huawei Technologies México. Using that information, companies should define a path to connect their data, break information silos and share their knowledge to become smarter. Integration planning can improve the experiences of customers, employees, business partners and every other player involved in the company.

Through integration, companies can define corporate priorities, develop functions and responsibilities in all areas of the company, have a clear and updated corporate legislation and ensure they comply with national regulations to avoid being penalized for legal breaches.

In this integrated ecosystem, cybersecurity must be a priority, especially as no one is exempt from risks in these rapidly evolving environments, said Zetina. Thus, companies need to have a unique source of information on what is happening to reduce risks with end customers and the company itself. Communication and training are also essential. “Training and awareness for employees in security areas is also fundamental as they can also be a target of threats,” said Diaz.

Other effective ways to reduce risks include incorporating multifactor recognition and ensuring the clarity of connection processes from network to users and physical security mechanisms because “not all people work from the office and many companies have third parties where information is shared,” said Diaz.

Cybersecurity in the cloud is also key, said Urbina. In the past year, companies have struggled to secure their cloud infrastructure given that its inherent disaggregated design has introduced multiple entry points for cybercriminals to exploit, MBN reported.

These security gaps, which normally form during the initial onboarding process and more commonly during changes between different cloud service providers, constitute the leading cause of cloud data breaches. Companies lack the know-how and the security tools to protect their public cloud infrastructure even as they are considering the addition of other cloud services. “Thus, authentication is also fundamental in this step, not just for our direct collaborators but also for our third parties and cloud providers,” Urbina said.

Nonetheless, “there are systems that can help companies achieve a safe digital space and infrastructure at all levels,” said Erika Sánchez, Coordinator, Women’s ANUIES ICT Network Mexico. These measures include making cybersecurity part of the basic culture of companies, establishing a collaborative relationship with providers, regulatory clients and academia and investing in the R&D of further tools that can support the company.

“Companies can base their risk assessment through a NIST Cybersecurity Framework, which has five core functions; identification, protection, detection, response and recovery, and can be used from SMEs to governments to analyze their tangible and non-tangible assets under one profile,” said Urbina.
SPOTTING VULNERABILITIES IS CRUCIAL FOR FINTECH, BANKING SECURITY

Financial transactions are a natural target for cybercriminals. Fintech companies and traditional banks are governed by strict cybersecurity regulations and must be careful when exchanging data due to the risks and vulnerabilities involved in the process, agreed industry experts.

“Whether it is a third-party provider or not, you will always need someone in-house to manage those third parties. It does not have to be a large team, but there should be a person that can coordinate all the security efforts and has enough expertise”
Jorge Lozano Information Security Manager | Mandiant

“Companies operating in financial services are targets of various forms of crime and fraud. Now, in the post-pandemic era, we have learned that data is necessary. The exchange of information between financial institutions is key. However, there are important risks to take into account too,” said Valther Galván, CISO, Prosa.

Fintech companies handle the same types of financial data as banks, including account information, balances, cash flow data, budgets and contact information. These companies aim to store as much specific and useful data as possible due to the high value of this information, particularly for AI and machine learning (ML) projects. However, storing large volumes of data makes these companies a more valuable target for cybercriminals.

When it comes to exchanging data, involved players must decide which information they will share, said Galván: “We have a filter according to regulations and global standards that forces us to have a very clear scope of what data will be shared. For large amounts of data, it is important to implement AI and automation.”

While it became more popular after the pandemic, data exchange is nothing new, said Jorge Lozano, Information Security Manager, Mandiant. Financial service companies leverage data to manage risks and position their brands, and the main challenge for these organizations is to work jointly to properly manage the risk scenarios they might face, he added.

Whether it is a traditional bank or a fintech company, the cost of a breach includes both direct and indirect costs, such as reputation damage and fines. A single breach could also drive thousands of customers away. In the case of fintech startups or companies that are experiencing hypergrowth, loss of customer trust and reputational damage may be the costliest aspect of a breach.

Reputation plays an essential role within the fintech and banking environments. “Reputation, or the public opinion about somebody or something, is a concept we take in consideration for most decisions in society,” wrote José Andrés Chávez, Co-Founder and CEO, Bayonet, for MBN.

Among other cybersecurity best practices, organizations must be committed to securing customers’ data and be prepared to handle possible breaches when they happen, said Lozano: “It is not a matter of whether it will happen to me or not, but when it happens to me, how will I react?” Assertive, transparent and clear communication is a crucial part of crisis management, he added.

The establishment of appropriate controls and policies to reduce cybersecurity risks is both a matter of organizational culture and deploying the right toolset, according to IBM. Building a strong cybersecurity stance provides insight into threats and helps ensure regulatory compliance. “We test our processes through plans. We do exercises, cyberattack simulations to prove that our processes work,” said Galván.

When it comes to data exchange and there are two or more involved players, they must work as a team to map the security architecture of all companies involved, said Lozano. Creating a collaborative environment for all organizations involved is crucial, he added.

The pandemic helped companies across all industries to realize the importance of cybersecurity and invest accordingly, said Galván. The main keys for companies to successfully implement cybersecurity include the implementation of a holistic and clear strengths, weaknesses, opportunities and threats (SWOT) vision in terms of data security, avoiding investments directed to projects intended only for parts of the entire security infrastructure and remaining aware of the global situation, he added.

On the other hand, companies must take care of their teams working on cybersecurity, said Lozano: “Whether it is a third-party provider or not, you will always need someone in-house to manage those third parties. It does not have to be a large team, but there should be a person that can coordinate all the security efforts and has enough expertise.”
HELPING OT CYBERSECURITY MATURE: AN INDUSTRIAL CONCERN

While company leaders look forward to the applications and the increase in productive capacity promised by the operational technology of Industry 4.0, companies need to consider how they will protect these assets from cybersecurity threats. The central challenge industry experts will confront during this experimental phase concerns bridging operational technology (OT) cybersecurity preparedness to that of more mature IT departments, according to industry experts.

“Dependence on technology has potentiated new risks that go hand in hand with technology development. New challenges will probably arise,” said Juan Gálvez, CISO, BIVA.

Until recently, OT assets had been protected from cybersecurity threats by an isolated, “air-gapped” network environment. This operational model became obsolete overnight with the rise of smart devices that require direct network connectivity to generate data about operational productivity. This migration has created a convergence between OT and IT, thereby creating added concerns about cybersecurity preparedness between these technology assets and managing departments.

This knowledge gap has created a sense of urgency among industrial field experts who only have to look to the Colonial Pipeline Hack and others to understand the potentially devastating impact of a potential breach. This learning process has only begun, however, with many companies trying to “identify and formulate a security baseline in consideration of independent operation needs,” said Oscar Jaramillo, CIO, Enermex.

The reigning concern and focus of industrial companies is trying to precipitate the identification of vulnerabilities and developing security controls in response. This effort is complicated by the parallel “transformation industrial companies are undergoing with the addition of new technologies and digital infrastructure reconfiguration,” said Alexandro Fernández, Head of Cybersecurity OT, Coca-Cola FEMSA.

This metamorphosis implies a seismic transformation and calls for education among industries that were previously sheltered from cybersecurity threats, requiring OT and IT departments to work side by side to “develop transparent security controls in consideration of both operational fluidness and security compliance standards,” said Gálvez. This is an all-new process for industrial companies and cybersecurity companies alike, a transformation that also stands to bring these parties closer so horizontal security needs can be developed at the same pace.

So far, the top priority for companies concerns establishing the variable constant removed by Industry 4.0: network security. Establishing controls and monitoring network security help strengthen the network perimeter and “should be the primary concern of industrial companies,” said Fernández. Furthermore, as companies work to reconfigure their digital infrastructures, they should also consider recognized best practices such as layering independent networks, one for OT and another for IT, so that in the worst-case scenario companies can control the blast radius of a security breach to one network segment. While conceptually this sounds straightforward, it is highly complex to implement in practice because it also requires the simultaneous implementation of security controls. This implementation process must also consider the formation of “robust security protocols at the point of interconnection between OT and IT networks”, said Jaramillo.

Another practice concerning network security is the adoption of Zero Trust protocols, as a means of circumventing malicious data access from anywhere as enabled by cloud and edge computing. This is particularly relevant for industry sectors that routinely receive petitions for updates and support from public IP addresses, said Jaramillo. Companies should also consider contingency plans to protect data assets either through direct, cloud or disaggregated storage practices, said Patricia Fragoso Soto, Manager IT, Volkswagen Mexico.
CLOUD PROVIDERS, USERS SHARE SECURITY RESPONSIBILITIES

While cloud computing services have been celebrated for enabling the digital transformation, their rapid assimilation has inadvertently created unique opportunities for cybercriminals to exploit. Protecting against these threats is a responsibility equally shared by the cloud provider and the customer, agreed industry experts.

“Companies will need to explain and recommend what to do with the leaked information. These companies should also have a crisis group ready to mitigate the impacts of the leak. Doing nothing greatly affects their image”
Óscar Octavio Salgado Álvarez CIO | GMX

“There are responsibilities of providers and of clients. Although the cloud is software-as-a-service (SaaS), about 85 percent of the settings to control it belong to customers and depend on them to be configured,” said Arnulfo Espinosa Domínguez, President of Tech and Cybersecurity, CT IMEF, and President, ARES Alliance.

Cloud security involves a broad set of technologies, policies, controls and services that protect cloud data, applications and infrastructure from threats. The security responsibilities that always belong to the cloud providers pertain to safeguarding the infrastructure itself. They also involve measures necessary while providing access, patching and configuring the physical hosts and networks on which the computer instances run, according to Checkpoint. The customer’s security responsibilities include managing users and their access privileges (identity and access management), safeguarding of cloud accounts from unauthorized access, encrypting and protecting cloud-based data assets and managing their security posture.

Under this model, each player is responsible for what is under their control. “If you can configure various privacy and security settings, you have to do it and also back up the data that is in the cloud because it can also be lost. Thus, it is important for companies to generate cyber resilience,” said Oscar Salgado, CIO, Grupo Mexicano de Seguros, and President, Tech Committee, AMIS.

Companies must also be aware that in the cloud there is no perimeter to protect like on a premise. “On-site systems allow companies to know the number of computer equipment present on premise, their configuration and the physical space they use, but in the cloud there is no perimeter, the infrastructure is shared with other users unless it is private,” said Salgado.

The new hybrid cloud model is causing further challenges. For that reason, a homogeneous strategy and a coherent infrastructure are fundamental and can be achieved by documenting each cloud a company has and developing a personalized treatment and approach for each, said Espinosa.

To have a clear sense of shared responsibility, companies must ensure they have clear control objectives, explained Francisco Carlos Martínez, Head of Security Architecture, Santander. “The cloud is an extension of the data center and it is also an infrastructure of different actors and services. Thus, assuming responsibility for safety is implied. Nonetheless, regulations still have to be clear on the responsibility between cloud provider and customer in case of breaches,” said Martínez. Furthermore, contracts should include a clause with security requirements and compliance with standards, he added.

While a fast response is key, security should be implemented from the ground up. “We must not forget that there is a fundamental step that can set the ground for a much safer cloud and this is its configuration from the very beginning,” said Lorena Bravo, CTO, Oracle. Bravo said that 65 percent of breaches in cloud were caused by poor configuration, 43 percent of those by the use of unencrypted bases. “Companies do not identify the catalog of sensitive data, so they cannot create the perimeter to protect it nor create a security strategy to prevent [attacks],” said Bravo.

The Privacy by Design (PbD) concept holistically aims to embed privacy into the earliest phase of the development lifecycle. “Data protection through technology design will protect data processing procedures and will help these processes to best integrate to the technology,” said Juan Carlos Carrillo, Director Cybersecurity, Privacy & Forensic Services, PwC. However, in the worst-case scenario in which a company suffers from a data breach, transparency with its clients is the best policy, according to Carrillo.

Transparency with those affected will damage the final user’s confidence less than keeping the data breach secret, said Salgado. Preparedness is also key. “Companies will need to explain and recommend what to do with the leaked information. These companies should also have a crisis group ready to mitigate the impacts of the leak. Doing nothing greatly affects their image,” said Salgado. Also essential is reporting data breaches to other cybersecurity companies to avoid similar attacks, said Carrillo.

Many companies are unprepared and slow to react to cybersecurity attacks. “When a cyberattack is successful, it takes 2.5 weeks for the affected company to notice the breach and it takes it three more weeks to mitigate it,” said Bravo. This slow response calls for a more proactive approach to cybersecurity. “We can no longer have reactive cybersecurity models. Instead, we need continuity plans,” said Bravo.

For companies to have a safe cloud, “shared responsibility, transparency, best practices and sticking to regulatory processes are to be the fundamental steps to follow after a company has integrated PbD on its cloud,” said Martinez.
16
Conference Highlights

CIOS, CISOS ROLE IS SHIFTING TO SERVICE ANALYSIS, CYBERSECURITY

The COVID-19 pandemic accelerated the digital transformation across most industries, giving greater visibility to the work done by the Chief Information Officer (CIO) and the Chief Information Security Officer (CISO) executives. With new technologies propelling the digital disruption, the focus of the CIO has shifted to service analysis, market reach and cybersecurity rather than running the IT department, agreed industry experts.

“With cloud solutions available, the cost is more affordable for companies, including SMEs. At GM, we are developing a cybersecurity strategy that includes our dealership network and suppliers. We want to raise the bar for them.”
Heriberto Landetta
IT Senior Manager | GM México

Digital consumption habits have changed in Mexico, with the massive migration to digital, online shopping and communication in a hyperconnected world, said Elvira Sánchez, CIO, DHL: “Ensuring the security of operations is vital and has become the main challenge for CIOs and CISOs. With the growth of cybercriminals, we invest strongly in technology, shipment protection and protection of personal data of clients and collaborators. One of the main challenges is developing cybersecurity systems for the unknown because it requires constant understanding and training of the entire organization. It is not enough to install hardware and software; you have to detect and address the true vulnerabilities of the company.”

CIO is a C-suite job title given to the executive in charge of information technology initiatives and strategy. The CIO role, which was established in the 1980s, oversees the computer systems required to support the organization’s unique objectives and goals, according to TechTarget. Initially, the CIO focused on managing technical projects and systems, leveraging technology to increase efficiency and cut costs. As storage and analysis of data grew in importance for companies, the job has evolved and CIOs now lead digital transformation initiatives, forging closer ties with the business side of their organizations.

The pandemic accelerated the transformation of retail and e-commerce businesses. For example, nationwide department store Coppel took a leap into omnichannel sales. “The challenge for digital transformation here is large. We are moving from controlled, physical environments to different channels that are public. Regarding omnichannel sales, we already do transactions via WhatsApp, mobile applications and webpages,” said Antonio Saracho, CIO, Grupo Coppel. While these systems offer greater sales opportunities to companies, these transactions become very complex and challenging for both CIOs and CISOs, he added.

The CISO is a senior-level executive responsible for developing and implementing an information security program, including procedures and policies to protect company communications, systems and assets from both internal and external threats, according to TechTarget. Besides responding to data breaches and security incidents, CISOs must anticipate new and emerging threats and work with other executives across the company to align security initiatives with broader business objectives.

“We work together with the CISO on in-depth analysis to assess risks and to carry out intelligent monitoring to understand patterns. Current challenges demand a preventive approach to problems, not just a reactive one. Cybersecurity has become a very complex career and collaboration is crucial,” said Saracho.

Cybercriminals continuously expand their capabilities to take advantage of limited security awareness among companies. With multiple attack vectors, “attackers have become more sophisticated and target victims’ weaknesses, forcing CIOs and CISOs to change strategies to face them,” said Erik Moreno, Head of Cybersecurity Advisory Services, Minsait.

The sophistication and expansion of capabilities of cybercriminals force companies to make larger investments to strengthen their cybersecurity strategies, said Heriberto Landetta, IT Vehicle Sales Marketing and Aftersales Manager, GM México: “There are two main pillars to build a robust security strategy. First, the technical elements, which include hardware, software and firewalls to face attacks. Second, training for internal staff to handle certain emails, avoid phishing, ransomware and staying firm in the face of uncertainty. It is important that we make people see that information is the company’s most important asset.”

With the emergence of new technologies and the acceleration of the digital transformation, CIOs have had to develop skills that go beyond traditional technology management. Although responsibilities of CIOs vary according to their organizations, industry and region, these executives are in charge of innovation and collaboration. They must also balance the IT budget and the motivation of their staff.

It is essential to have a robust security system that guarantees the security of data of clients, employees, third-party companies and suppliers, said Sánchez: “Nowadays, we have almost everything in the cloud and at DHL we are very strict with regulatory compliance. The protection of sensitive data is crucial to a trusting relationship with our clients. Forty-five percent of organizations have experienced some sort of attack on supply chain software.”

Cloud Computing Is Key to Democratize Innovation

Cloud computing transformed the way software is built and who gets to build it. Before the cloud, only big companies had access to the highly skilled talent and the massive hardware infrastructure required to build software products, as reported by Forbes. Cloud computing tools like Amazon Web Services, Microsoft Azure and Google Cloud Platform, among others, have democratized software development, which has become available for companies of any size and budget.

While Coppel focuses on omnichannel sales and the cybersecurity challenges around them and DHL reinforces its sensitive data protection and supply chain software security, GM is working on a 360-degree cybersecurity strategy, said Landetta: “With cloud solutions available, the cost is more affordable for companies, including SMEs. At GM, we are developing a cybersecurity strategy that includes our dealership network and suppliers. We want to raise the bar for them.”

As the digital transformation continues expanding among businesses, the joint work done by CISOs and CIOs is no longer delimited to regulatory compliance, said Saracho: “The digital transformation continues changing business lines and these executives are now part of the strategic teams of companies.”
INTERNAL DEVELOPMENT KEY TO MINIMIZE TECH TALENT SCARCITY

The accelerated adoption of technology applications and solutions in the emerging digital-first economy has created a pronounced demand for cybersecurity talent in Mexico. The labor pool for this specialized talent is limited, however. Companies should consider the internal development of cybersecurity talent through career programs to proactively bridge urgent security needs in the increasingly hostile digital ecosystem, suggest industry experts.

“By sourcing and training talent from within their own organizations, companies have the opportunity to generate cybersecurity talent that already understands organizational processes and objectives,” said Valther Galván, CISO, Prosa.

The digital transformation inadvertently expanded the risk surface of companies, increasing the need for cybersecurity talent across all of Mexico’s industrial sectors. The observed and tangible implications of cybersecurity breaches over the past two years have clearly demonstrated that businesses’ budgets must now include cybersecurity investments. While Mexican companies have been proactive about their recruitment and retention efforts, companies are reporting that despite those efforts they are still having a difficult time sourcing talent. Furthermore, domestic companies are increasingly having to compete with international corporations that are beginning to nearshore cybersecurity jobs, as they too have a limited talent pool. As such, to appease current cybersecurity needs, companies stand to benefit from upskilling their existing employees, who already understand their organization’s digital infrastructure, processes and objectives.

Preceding this initiative, companies need to first conduct an “internal audit of talent skills, measuring their abilities against cybersecurity needs so that they can easily identify individuals with high-potential,” said José Arraiga, CIO, Tokio Marine. Nevertheless, there should be genuine interest on behalf of candidates to continuously learn and build a career out of this investment opportunity, said Galván. In other words, technical and soft skills can be developed and nurtured over time, but personal attitude cannot. Thus, attitude should play a decisive role in the selection of candidates, who must also demonstrate the ability to communicate effectively with executives and contributors alike so, when necessary, they can provide insights regarding risks for strategic business decisions and create security controls.

Moreover, candidates must also display a natural ability to lead considering that “cybersecurity is a strategy that needs to be implemented under well-defined controls and strategies,” said Jenny Mercado, CISO, Betterware Mexico.

This implementation initiative should also consider the “coordination between Human Resources departments and Information Technology departments, so they can create added-value career development programs,” said Arraiga. This is crucial for the development of naturally progressive career pathways in line with cybersecurity needs and for the increase of talent retention rates, allowing the company to retain the employees it is investing so heavily to develop. The primary objective is to create incentives that will make contributors want to stay committed to the organization, something that cannot be overlooked considering that talent-poaching is at an all-time high. That said, companies should acknowledge that they are always at risk of losing their cybersecurity talent to competitors, lifestyle changes and sickness. As a result, companies should prepare “contingency plans such as training multiple candidates and have succession plans in place,” said Arriaga.

Looking towards the future, companies should also consider partnerships with universities and technical schools to accelerate the generation of cybersecurity talent in line with immediate skills they will need. This would be replicating an initiative currently observed by Mexico’s aerospace industry, which has proved to be fruitful for this sector.
HUMAN BEHAVIOR: AN OVERLOOKED ASPECT OF CYBERSECURITY

Businesses and cybersecurity experts have been incessantly challenged to continuously develop and implement preventive protocols in response to increasingly sophisticated, coordinated and longer lasting threats. To strengthen cybersecurity, industry leaders must secure the weakest link in the chain: users.

Human behavior is one of the largest risks to a secure network and vital to identify anomalies and prevent cyberattacks. While understanding the technical processes of network security is important for a successful performance, expertise in behavioral analysis is increasingly in-demand and becoming an aspect of cybersecurity education programs.

“While the user may be the greatest vulnerability of companies, users can learn and be aware of threats they cannot see, which cost them their jobs and cause unquantifiable losses for the company,” said Miguel Porfirio Camacho, Vice President IT, AMIS. To prepare the user for potential cyberattacks, AMIS provides education regarding antiviruses, malware, phishing and other examples to help users identify threats. “With the home office modality, it is as if companies had many branches, only without security or security that depends on the user. Thus, users need to independently know how to avoid an attack,” said Camacho.

Physiological processes can lead humans to have different responses to similar situations, said Bismarck Animas, Incident Response Manager, FEMSA. So, cybersecurity teams must familiarize themselves with various pain points. “It is important for cybersecurity professionals to study human behavior, because cyberattackers do. They know exactly where to enter,” said Animas. Thus, companies need to educate and train their employees to avoid these mistakes, he added. This can be done by making training accessible and relevant and implementing security controls that are both effective and easy to use without disrupting workflows.

“Behaviors can change, but responses must be standardized with processes and procedures for a conscious response on each occasion. For example, food chains have solid processes that allow them to have business continuity in branches in different countries. Cybersecurity processes can be equally successful,” said Erwin Campos, Cybersecurity Global Leader, Bimbo.

It is fundamental to differentiate valid human behavior from machine behavior, said Campos. Correctly identifying fraud is also key but companies also have a responsibility to provide tools to reduce human weaknesses and exposure to different attacks.

Humans are the easiest target because manipulating people is easier and faster than trying to violate a simple system, Campos said. This is why training and security awareness are the best tools to identify threats and allow users to easily report them.

Social engineering attacks, which are becoming more common, can also be highly personalized. A perpetrator first studies the intended victim to gather necessary background information, such as potential points of entry and weak security protocols to proceed with the attack. Then, the attacker moves to gain the victim’s trust and provide stimuli for subsequent actions that break security practices, such as revealing sensitive information or granting access to critical resources. Attackers also take advantage of popular topics or current events. During the COVID-19 pandemic, Animas explained, attackers lured victims with the promise of news about the virus, vaccine and treatment. When users are home, these attacks can take the form of payroll emails.

“There is even a software that is dedicated to social engineering, which is why we are strict even with streaming services in work computers. Users might think we exaggerate but it is better to do so,” said Camacho.

The use of friendly language has greatly helped experts to raise awareness and train people more effectively, said Animas: “We had to lower our IT ego and begin to listen to collaborators and the business itself to learn how to communicate that the point is to defend the business so that it operates safely.” Being flexible with other collaborators helps them feel comfortable raising their voice in case of a suspected attack.

“Also sensitize bosses and go as far as to simulate a cyberattack to see how people react to know what needs to be improved,” said Camacho. Providers would also benefit from investing in machine learning and AI to facilitate processes for customers because “these tools learn for users’ behaviors. Investing in security will avoid losses in other areas,” said Camacho.

Through training and education users can “understand that they are also responsible for the company’s security, but also of their own private security. This way, they can avoid falling for personal or professional attacks,” said Elizabeth Peña Jauregui, Head of Government and Industry Relations, Ericsson LATAM North.
LEVERAGING AI, MACHINE LEARNING FOR CYBERSECURITY DEFENSE

New technologies like artificial intelligence (AI) and machine learning (ML) are transforming all industries, including technology and cybersecurity. While AI and ML have become important tools for companies to defend their systems, they are also used by cybercriminals, opening the door to an automated fight between machines. Under these circumstances, it is crucial to use the right tools and technologies to fight intelligence with intelligence, agreed industry experts.

“AI and ML have revolutionized all industries. The possibility to predict events transforms a sector in every possible way. The cybersecurity and cybercrime industries are not the exception. On both sides, there are people who understand how AI and ML work and leverage them for their purposes. Companies must use these tools to build a cybersecurity culture,” said David Casillas, Founder and CEO, Nyx Technology and Pixframe Studios.

The space for cyberattacks is vast and continues to grow and evolve rapidly. In response to this challenge, AI-based tools for cybersecurity help information security teams to reduce breach risk and improve their security. AI and ML have become critical technologies in information security, as they quickly analyze millions of events and identify several types of threats, from malware to risky behavior that may lead to a phishing attack. These technologies learn and improve over time, utilizing data from the past to identify new types of attacks now.

“There are many cybersecurity tools that leverage AI for more robust detection. The idea is precisely to detect anomalous behavior, compared with normal user behavior. We cross-check these behavioral metrics with hundreds of breach models to detect unusual activity,” said Pablo Carrillo, Account Executive, Darktrace. It is not efficient to bring a human into a battle between machines, since not even the greatest expert can always respond in time, he added.

Although AI and ML seem futuristic, they are already playing an important role across several industries, said Israel Gutiérrez, Chief Technology Officer, A3Sec. Attackers are increasingly becoming more professional, robust organizations, forcing companies to invest in cybersecurity, he added.

With the proliferation and evolution of cyberattacks, ML and AI enable companies to keep up with attackers, automating threat detection and responding more efficiently than traditional software-driven approaches, according to Balbix. These technologies help cybersecurity teams due to the unique challenges they face, such as hundreds of attack vectors and masses of data that have moved beyond a human-scale problem.

As AI’s popularity increases, there are several offerings that do not meet the AI test, as reported by Forbes. Pure AI is not only a technology that analyzes data and lets results drive certain outcomes, it is about reproducing cognitive abilities to automate tasks. AI systems get smarter the more data they analyze; they learn from experience and become increasingly capable. “The foundation of AI is data. You have to collect the right data to generate effective algorithms. The more data these systems have, the smarter they become,” said Casillas.

The COVID-19 pandemic accelerated the digital transformation across the world. In Mexico, several companies were forced to implement teleworking, adding new cybersecurity risks. Cyberattacks in Mexico increased by 600 percent during the pandemic, according to TotalPlay Empresarial. While attacks become increasingly prevalent in the country, only four out of every 10 companies have a plan to strengthen their cybersecurity, reported El Economista. Fifty percent of companies that suffered a cyberattack were reportedly unable to identify its origin.

“The cybersecurity environment within companies is complex. In some cases, they operate through silos, with a lack of knowhow. AI and ML tools help mitigate threats and even prevent them. Companies must become more proactive and analytic regarding their cybersecurity strategies,” said Alfredo Sastre Barraza, President, CSOFTMTY.

Fully avoiding cybercriminals is almost impossible so a company should not try to become impenetrable, which would be the ideal situation; its focus must be to become resilient, said Daniela Hernández, CISO, Grupo Converse de México, and Vice President of Cybersecurity, AMEXICOM: “Attackers can easily predict what we will do and for us it is not that simple. AI and ML can be our weapon to fight this cyber war.”

Beyond all the benefits that AI and ML bring to information security teams, these technologies also help to face the pronounced demand for cybersecurity talent in Mexico, which has considerable training gaps. “The automation of certain functions reduces human errors. Beyond the technical aspects, training is crucial. In addition, synergy between IT and cybersecurity teams is important. AI and ML are new IT assets that must be administered under a new focus, security,” said Hernández.
DISRUPTING REACTIVE CYBERSECURITY MODELS WITH CHAOS

The traditional, signature-based threat identification approach to cybersecurity leaves companies at a reactionary disadvantage. The Mathematical Chaos model breaks with the classical detection and response approach to cybersecurity, pushing forward a highly sensitive zero-trust model that is continuously reacting to anomalies in real-time, said Sneer Rozenfled, CEO, Cyber 2.0.

“The cybersecurity world is based on a vulnerable biological model that intrinsically always places hackers one step ahead,” said Rozenfled.

Existing cybersecurity solutions that concentrate singularly on detection and response will always fail eventually because 100 percent detection is not possible given the continuous innovation of malicious software. Although this field has made significant progress with anomaly detection through behavioral analysis and deep-packet inspection, these tools fundamentally rely on the identification of malicious software before preventing its spread throughout an organization. In other words, the traditional reactionary approach is designed to fail in the face of an ever-evolving cybersecurity landscape, which is churning out increasingly sophisticated cybersecurity threats on a daily basis.

“The overarching objective of Cyber 2.0 is to shift the primary focus of cybersecurity from detection to containment, shutting down an invasion before it can spread and exact greater damage,” said Rozenfled.

The Mathematical Chaos model is based on the Zero Trust security model, which operates under the assumption it does not know where the next cybersecurity threat will emerge from. This algorithm essentially verifies every software that requests to interact with a system’s network, even when Cyber 2.0 is removed from the system. This model is more adept to protect computers, which function and communicate based on numbers “rather than the biological approach that attempts to protect them as a human body,” said Rozenfled. This approach is complemented with other capacities including network obscurement, security operation centers and forensic capabilities, but these are all secondary to the chaos algorithm that does most of the heavy lifting.

To prove the validity of its cybersecurity approach, Cyber 2.0 has invited over 5,500 white-hat hackers over four years from 30 countries to attack its system, giving them administrator passwords as a starting point. All of them have failed so far.
www.mexicobusiness.mx