Mexico. Expo Seguridad México organized the webinar called "Cybersecurity in the protection of personal data from a risk approach", which was presented by Alejandra Pineda Villegas, specialist in the field and international consultant for Prime Consultores.
There were several topics addressed in the webinar, which the specialist addressed attending to five main points: how prepared companies are in cybersecurity and personal data protection issues, what is cybersecurity governance, what is the protection of information itself and some considerations about the Personal Data Security Management System.
According to his own studies, Pineda said that 59% of companies lack a cybersecurity strategy and that 90% of cyber claims have to do with human error. Of that amount, 66% is the result of negligence or malicious acts of employees; 18% corresponds to external threats and 2% is generated by extortion.
"All organizations and individuals are exposed to identity theft and data loss, because information is a very valuable asset and we run the risk since there may be errors of people, in technology and in processes," said the specialist, who also explained the role of corporate governance, IT governance and its frameworks, standards, and best practices that should help protect information.
He also mentioned that cybersecurity focuses mainly on information, in digital format and the interconnected systems that capture, process, store or transmit it, while information security seeks to protect information from risks that can affect it, in its different forms and states, "and although they are different, at some point they come together."
"Organizations must consider what is known as the 'Security Triad', which is integrated by the confidentiality, availability and integrity of information. This is because they must define what can be made known, how open and for whom, and how it can be delivered. That is why it is important that there is a Government of Cybersecurity and Information Security to establish the appropriate policies, "said the speaker.
According to Alejandra Pineda, organizations must consider that they all have different types of security and that there are different layers that must always remain vigilant. "It is true that these are many variables, but it is necessary that we understand them to know what we are going to link, to be resilient and recover soon to give continuity to the business. But, above all, it is an issue of awareness in which all members must participate."
The specialist pointed out that although cybersecurity and information privacy are different elements, one must be sensitive about what is most valuable in organizations, to direct the confidentiality, integrity and availability of information and manage the right to privacy.
"Only through risk management, considering the volatility, uncertainty, complexity and ambiguity in the current environment, will we be able to understand that you can't protect everything equally. That is why we must protect the most risk-sensitive resources that are central to the mission of organizations."
He insisted that companies must raise awareness about risk and develop capacities to detect patterns that allow predicting dangerous situations and achieving resilience that contains damage quickly and can move the necessary resources to minimize impacts, while complying with the laws.
Finally, Jorge Hagg, director of Expo Seguridad México, invited attendees to register for the next face-to-face edition of the event, which will take place from November 2 to 4 of this year, at the Citibanamex Center of the CDMX, on the https://www.exposeguridadmexico.com/es-mx.html site, in addition to remembering that the webinars can be consulted on demand on the site https://www.exposeguridadmexico.com/es-mx/SeguridaChannel.html
