We were recently at NextSecure 2019, the largest cybersecurity event in Euskadi, organized by S21sec. During the day we had the opportunity to participate as speakers at the round table of “Identification, protection and response to the evolution of cyber-attacks”, whose main theme was the threats and attacks to which organizations are exposed nowadays.
The central axis of the day was to spread knowledge about the news around Information Security and the dissemination of the most efficient products of the moment through practical cases.
Among the participants of the round table, moderated by MildreyCarbonell (Head of Audit Department of S21sec), were Pedro Viñuales (VP Global Presales Key accounts, MSSPs & Telcos of Panda), Sergio Marín (Regional Director SoE of Thycotic) and José Ramón Fernández de Alarcón (Tenable Country Manager Spain & Portugal). Our colleague Sergio Lasso de la Vega, Director Zona Norte of vintegrisTECH, was able to exchange impressions and ideas with them regarding the security of information and the threats that organizations are exposed to today.
Digital certificates for a higher level of security
Every day we hear about attacks and threats, many of which are detected when they have already caused damage to an organization. In this sense, José Ramón Fernández de Alarcón (Tenable) stressed that people are still the weakest link in the chain, and with them the access management process based on passwords.
From Thycotic, the question was then raised on how to protect this weak and complex link. How to face the challenge, what lines and futures are presented? Sergio Marín highlighted that it could be interesting to address the diversification of authentication systems.
From vintegrisTECH, Segio Lasso de la Vega pointed out the importance of digital certificates, public and private key cryptography and PKI systems to solve new identification challenges and control their possible points of threats and attacks. Today they are fully accepted and recognized for authorization, authentication, access control and transaction encryption. They even solve many problems of symmetric passwords, such as distribution systems and the need to protect its secrecy. At present, they are even more necessary, especially since we no longer speak only of digital identity of people, but also of digital entities or electronic devices.
Finally, Panda Pedro Viñuales spoke about the most difficult challenges to work in that cyber-resilience against attacks, indicating that, even trying to protect on all levels, an organization is still susceptible to suffer an attack. Thus, cyber-resilience can be defined as the ability of a company to adapt and continue with its functions and work in situations of risk.
The day of security with more trajectory of Euskadi
In addition to the round tables that were held, attendees had the opportunity to listen to different presentations and networking. NextSecure, which is going for its 21stedition, remains without a doubt a very complete event, full of news and interesting content on information security.
From vintegrisTECH we want to thank NextSecure for their organization and the opportunity of participating in the most experiencedsecurity conference in Euskadi and hoping to return in future editions.