“International cooperation and building awareness are necessary to achieving a more secure world,” Daniel Monastersky
Security, in any of its dimensions or spheres, is the first responsibility of any government. In this age of hyperconnection and interoperability, new actors and risks have emerged that have forced governments to carry out major revisions and transformations in their security and defense policies. Companies are also looking for the best way to combat increasingly frequent and complex attacks. For all of the advancements in cybersecurity, cybercriminals who use these sophisticated methods to perpetrate their attacks remain a force to be reckoned with. For Daniel Monastersky, a lawyer specializing in computer law and protection of personal data, “it all comes down to the weakest link, which is the individual.” Mr. Monastersky is an Advisory Board Member at the Global Forum on Cyber Expertise (GFCE). In Argentina, his native and home country, he is an impeller and collaborator in the drafting of the law to regulate online identity theft.
How to Fight Cybercrime
In the field of security, “legislation is not the answer to everything”. It is also necessary to create “awareness and digital education campaigns from early ages onward”. According to Monastersky, businesses constantly have to face the threat of data breaches, industrial spying, and, of course, ransomware, a crime that has been spiking over the last few years. The recent WannaCry and GoldenEye/Petya attacks have shown the “problem of the individual” in security. Despite the fact that the security patch has been available in Windows Update to correct the vulnerability that these attacks exploited, “for simple day-to-day reasons, the company’s vital information was not protected and the consequences at corporate level were tremendous.”
Organized crime and cybercriminals are working side by side, and from a “cyber law” perspective this is a major trend. Mafias are migrating to the digital world, most likely because they’ve realized that “cyberattacks are a very easy way to finance their operations.” To this end, such organizations are recruiting developers to build tools that would breach the security systems of companies and individuals. For Monastersky, there are global measures that will need to be adopted to combat cybercrime, because “international cooperation is crucial when it comes to this type of crime, since it is transnational, and it is essential to have accurate information to resolve the conflict as quickly as possible.” It is also necessary “to grant bigger budgets to security forces so that they can develop their resources against cybercrime in a much more professional way.”
Through prevention and awareness campaigns, companies can control and manage their safety and reputation. According to the expert, individuals are vitally important in the new security dynamics created by the digital world: “You have to create spaces for people inside companies, from the highest to the lowest positions, to know the consequences of sharing information on digital platforms that may directly or indirectly affect your company.” If employees are not educated about digital behavior, “the damage could be enormous.”
Is this legislation up to the coming cybersecurity challenges?
“If only we had data protection laws in Latin America like the European Union’s GDPR.” According to Monastersky, the progress in data protection in Europe has been monumental, mainly with the implementation of the General Data Protection Regulation. In Latin America, he says, there are no such regulations, so many companies do not meet the minimum standards to protect the data of their customers and employees.
The bottom line is that terms such as awareness, collaboration, and international cooperation as well as training both employees and individuals, carry more weight than any kind of regulation, and are foundational pillars in the potential solutions to issues in cybersecurity.
The lack of a common cyberspace, standards, certifications, interoperability and legal certainty are some of the main obstacles to the adoption of the cloud computing system in the corporate sphere. This system could lead to cost-reduction for software, better performance of devices, an in data reliability, and universal access to the documents, among other things.
Panda Security’s corporate security solution, Adaptive Defense 360, is a platform that uses contextual logic that analyzes, categorizes, and correlates the data that it gathers on cyberthreats to efficiently protect users and help them to comply with the demanding GDPR regulations.