Latin American companies are coming to consider cybersecurity a strategic business matter, but work still remains to be done on basic issues to guarantee protection.
“In the region, many clients are no longer looking at cybersecurity as a technology issue, but more as a cultural issue and from a perspective of strategy,” said Marcelo Zillo, AWS security leader for Latin America.
At a press conference during the AWS Re:Inforce security learning event taking place in the US this week, the executive explained that the financial industry is among those that invest most in cybersecurity, along with government and critical infrastructure companies such as energy utilities.
“At Amazon we have an expression that is the democratization of technology. The same can be said for security. AWS democratizes security because whether it’s a small company or a large company, they have access to the same level of security,” Zillo said in response to a question from BNamericas.
A recent survey by cybersecurity firm Lumu Technologies revealed that 86% of security leaders surveyed by the company believe that migrating from legacy cybersecurity platforms to cloud-based platforms is a priority.
Despite the increased awareness about the need for cybersecurity, Latin America still needs to work on more basic information protection issues.
“Certainly, we have to adopt machine learning solutions, we have to adopt smart solutions, but first you have to get the basics right,” Zillo said.
The executive explained that a large proportion of cybersecurity problems are related to the lack of use of multifactor authentication to access cloud platforms.
“When we look at ransomware cases or events in general, a lot of them started with phishing or a compromised credential,” he explained.
The lack of trained personnel is one of the main challenges in cybersecurity issues. In Latin America alone, it is estimated that there is a deficit of 500,000 professionals in this area.
“We need more cybersecurity professionals and also more cloud security knowledge,” Zilo said.
AWS proposes a model where both the customer and the cloud provider have responsibility for security issues.
Another challenge involves sharing knowledge. “The bad guys are always sharing, so we on the other side also have to share good practices and knowledge,” Zillo said, adding that companies are now more open to exchanging best practices and learning from each other.
AWS infrastructure facilitates this with availability zones and local zones, which allow a customer to have instant information about incidents anywhere in the world.
For example, GuardDuty is a service that uses artificial intelligence and anomalous behavior detection, among other features, to detect threats.
In Latin America, AWS has local zones in Argentina, Brazil, Chile, Peru, and Mexico, among others.