Fighting Today’s and Tomorrow’s Threats, the Keys to SILICON SECURITY DAY 2023

Learn about the new challenges that are shaping the path of cybersecurity in an increasingly complex environment, while discovering the best solutions in the IT industry, the focus of the Silicon Cybersecurity event.

With the expansion of remote working, the multiplication of connected devices and cloud and SaaS infrastructures, traditional security paradigms have become obsolete.

IT and cybersecurity managers are being forced to take a new approach to keeping their employees secure anywhere, on any device, and their business information – increasingly important, valuable and critical across the organisation’s value chain. But at the same time, there is increasing pressure on cybersecurity and IT departments to cover data projects and the digitisation and automation of business processes to increase the organisation’s productivity and competitiveness.

A complex scenario that starred in the SILICON SECURITY DAY 2023, an event organised by Silicon España and NetMedia Europe and attended by nearly 100 IT professionals, both experts and cybersecurity managers, with a clear objective: to share the current digital security challenges faced by companies and organisations today as well as to learn about practical real-world solutions that companies can use to protect their digital assets.

Unified management

Under the baton of Daniel de Blas, head of Branded Content at NetMedia, who was the presenter and conductor of the entire event, Sergio Bravo, Sales Director at BitDefender, opened the day’s proceedings.

During his speech, Bravo made clear the complexity that currently accompanies any company when it comes to managing the different security solutions they have installed. “The attack surface has expanded and to try to respond to this challenge, CISOs end up having numerous tools with which to try to be protected, something that is often counterproductive as these different solutions sometimes overlap, make noise and, above all, create a scenario that is very difficult to manage”.

BitDefender therefore proposes “advanced detection and response (EDR/XDR/MDR) solutions in an integrated cybersecurity platform that covers all the steps of the famous cybersecurity cycle: prevention, prediction, detection and response”, said Sergio Bravo.

The same need to simplify the management of different cybersecurity solutions was highlighted by Darío Bengoechea, Regional Sales Manager for Spain and Portugal at Thales Digital Identity & Security.

“Each CISO, according to IBM data, manages an average of 50 applications or cybersecurity tools. Managing something like this is very difficult,” he said, explaining that another of the great challenges facing companies today is that “more and more data is being generated and this data is increasingly dispersed. Companies don’t know exactly where their sensitive information is and they have very distributed information.

Thus, “knowing where to set up the wall to protect me from an attack is impossible” and, at Thales Digital Identity & Security, the strategy they advocate is “to make data the first line of defence and, in addition, for it to be self-protecting”. This is achieved through encryption, “converting files that can be read into unreadable files, so that in the event of an attack and data theft, cybercriminals can’t do anything with them,” he added.

Data protection in a hybrid world

Sandra Espinoza, Senior Sales Engineer at Commvault, also defended the data as the axis and ultimate goal of any company’s cybersecurity strategy: “Today everything revolves around data; it is the jewel in the crown, the thing that everyone wants to steal and, therefore, everyone wants to protect.

Thus, Commvault’s proposal is to combine data management and cybersecurity with technologies such as Artificial Intelligence for early warnings. “Our differential value lies in our ability to detect risks and security breaches before an attack occurs, even in a company’s backup, which is also a target for cybercriminals,” said Espinoza.

This is what Commvault calls proactive defence, a formula with which to have real-time visibility to detect any intrusion before it becomes a reality, reducing the risk of compromised data and blocking recovery.

Cybersecurity specialists

Another of the participants in the SILICON SECURITY DAY 2023 was Iván Mateos, Sales Engineer at Sophos Iberia, who did not hesitate to affirm how cybersecurity, in addition to technology, lies in people.

Thus, under the title “Protection of people by people”, for the Sophos spokesman, one of the great challenges in cybersecurity is to have people who know about cybersecurity. Drawing a comparison with Formula 1, Mateos explained that “you can have a very good car, but depending on who drives it, that car is faster or not; in cybersecurity it is the same: someone has to know how to “drive” the tools and it is not enough just to know the product”.

This is why Sophos advocates cybersecurity as a service. “MDR is a 24x7x365 expert-managed service that gives organisations the ability to detect and respond to any cyber-attack directed against any part of their IT infrastructure. In short, it is a way for companies to leave cybersecurity in the hands of specialists so that they can really focus on what is really their business.

As we can see, there are different cybersecurity proposals and solutions that V-Valley is well aware of. Thus, during his speech, David Gasca, Sales & Marketing Cybersecurity Area of the wholesaler, which has a staff of more than 60 professionals focused on cybersecurity, said that “our job is to see what solutions really work and evangelise about them so that they reach the customer”.

For Gasca, thanks to the market vision that V-Valley achieves, current trends in cybersecurity, in addition to pay-per-use, “slower than in other technological areas but growing”, companies are currently investing especially in solutions “against denial-of-service attacks, automation and identity management”.

Bad guys’ technology, good guys’ weapon

One of the most anticipated moments of the Silicon España and NetMedia Europe event was undoubtedly the round table with the participation of María Riesco, Police Inspector specialising in Cybersecurity; Juan Antonio Rodríguez, Head of the Anti-Cybercrime Department of the Guardia Civil; Patxi Hernández, Cybersecurity Manager at BBVA; and Miguel Ángel Blanco, Head of Planning and IT Systems at the General Secretariat for Regional and Local Funding.

A debate in which, under the title “Intelligent security to face new generation threats”, all of them agreed in pointing out how new technologies such as Artificial Intelligence pose a risk, yes, but also a new opportunity to improve the fight against cybercrime.

Patxi Hernández, Cybersecurity Manager at BBVA, also pointed out how cybercrime today is “organised crime” in which cybercriminals operate with “business criteria, cost-benefit criteria”.

An even greater challenge for companies and organisations when it comes to protecting themselves, but in which, for example, said the head of cybersecurity at BBVA, the fact that there are more and more attacks “has also made people more aware of the need for protection”.

And he agreed with Riesco when he said: “The same technologies that they use, we can use ourselves. We do need to be more agile and collaborate more among all companies and organisations”.

This collaboration was also defended by Juan Antonio Rodríguez, Head of the Guardia Civil‘s Anti-Cybercrime Department. “Just as we have been cooperating with the security forces for a long time, it is necessary for companies to help us in this fight, for us to be together in this challenge”.

And for this, according to Juan Antonio Rodríguez, it is essential that when a company suffers a cyberattack, it should report it. “Most companies that have been hacked have not said anything. They think that they will suffer serious reputational damage if they make it public, if they report it, and they don’t. In fact, in addition to being obliged to report it, they are obliged to do so. In fact, in addition to being obliged to do so by regulations such as the GDPR, it must be said that those that do report it, and from the very first moment, have a much more positive image in the eyes of customers, employees and society in general”.

Public administration is no stranger to the risk that cybersecurity represents and, even more so, in its case, where the data that cybercriminals crave is as critical as it belongs to all citizens.

Thus, Miguel Ángel Blanco, Head of the Planning and IT Systems Area of the General Secretariat for Regional and Local Funding explained how, in order to tackle cybercrime, the National Network of SOCs, the Cybersecurity Operations Centres, was launched in 2022. “They are centres that can be public or private, and the important thing is that they are connected to each other, sharing information and thus improving detection and response capabilities to possible cyber-incidents”.

In addition, and by way of conclusion, Miguel Ángel Blanco, highlighted the great dogma that, cybersecurity, should mark any step and strategy. “At the company level, collaboration is necessary, and at the citizen level, common sense. The message is clear: Don’t do in the cyber world what you wouldn’t do in the physical world”.

A day that could not end in a better way than with the presentation of the first SILICON Adwards 2023, a recognition to the leaders in technology and cybersecurity whose aim is to honour and thank the work, the spirit of help, collaboration and dissemination of knowledge of the professionals who drive innovation and security in companies and public institutions.

On this occasion, the awards went to Enrique García García, Director of Red Digital i-DE in Spain at Iberdrola in the IT OT Leader category; Manuel Tarrasa, CIO and CTO at Prosegur, in the Security By Design category; and Julia Díaz, Head of Data Science at Repsol, in the Data Driven & Governance category.

In short, SILICON SECURITY DAY has once again become a more than necessary benchmark in which to take the pulse of cybersecurity, the new risks and challenges that arise, but also the perfect appointment to learn about the most innovative solutions and technologies with which to respond to this threat.