Latin America. We are currently showing how security processes have been nourished by BigData, Artificial Intelligence and Automation, transforming the strategies of companies, and developing the capabilities of detection and response to cyberattacks instead of preventing them.
Both the methodology that supports security decisions and risk management are oriented towards reducing uncertainty. However, the organization assumes unexpected events, which if they happen can leave a company with irreparable reputational damage or with impacts on its processes that are not easily restorable.
Experience shows that recovering an organization from a cybersecurity attack is not easy and its economic, reputational and competitiveness losses are incalculable. Therefore, companies must work on the ability to adapt positively to adverse events.
Javier Díaz, global director of revenue of the A3Sec Group, a multinational expert in cybersecurity, shows the characteristics and differences between resilient risk management models and anti-fragile ones, in this way it can be determined which of them are more efficient to protect the information of companies:
Fragile Strategy: It is more likely to suffer or fail with volatility, the loss is greater than the gain in an incident, it is passive, mistakes are rare and long.
Resilient Strategy: It remains the same in volatility, it is indifferent in stillness or change.
Antifragile Strategy: It grows and becomes stronger with volatility, the gain is greater than the loss with volatility, it is proactive, the errors are small and benign.
Based on the above, Diaz suggests:
• Love failures: Do not fear making many mistakes as long as they are of minimal impact and are not repeated in the same way.
• Be in control: Reduce attack surface and exposure time to attacks.
• Experience vs. Theory: PHVA vs. Adaptive Safety.
• Redundancy Layers: Security in Depth.
• Minimize interventions to complex systems.
With the intention of transforming cybersecurity strategies, the A3Sec Group seeks to protect knowledge to evolve into anti-fragile models of cybersecurity.
Leave your comment