(Expansion) – It is a fact that today’s cyberthreats are not the same as they were 15 years ago, but neither should the knowledge and, above all, the national regulatory framework, which currently continues to be lax in the face of growing capabilities and skills that cyber attackers have developed and the inexorable advance in the complexity of their techniques.
So much so, that ransomware, phishing and identity theft have already established themselves as the main cybersecurity threats for all types of organizations and even for people, customers or users of digital services, like you or me. .
And it is that the COVID-19 pandemic has not only impacted health. It has also been a factor in highlighting the need for a Cybersecurity Law that, on the one hand, protects the critical infrastructure that maintains social and economic order, sustaining the telecommunications industry, supply chains, banking, and even the services of the same government.
On the other, that it has a dissuasive character for the progressive reduction of the commission of cybercrimes and, at the same time, fairly punishes those who commit them, paying the rule of law.
But along with this effort that the Legislative Chambers would have to make, there must be the commitment of the business sector, where the rapid digital transformation has also been revealing cybersecurity gaps in three large areas: secure and complete point-to-point transactions, protection of digital identity and data privacy.
Since 2011, Mexico has occupied the first place in cyberattacks in all of Latin America and we continue to be an attractive target for cybercrime, since during the first half of 2022, 80,000 million cyberattack attempts have been detected, according to the National Council of the Maquiladora and Export Manufacturing Industry (Index).
Unfortunately, even with this outrageous figure, there are those who might think that it does not represent any type of impact in the immediate future within their field or business category, but that is only the denial of a reality that will soon reach them.
We must not forget that we are in an era in which all economic sectors depend on each other and the weakest link, the one that does not have a secure digital transformation, will be the victim of cyberattacks that, due to their degree of disruption, force them to leave the market to the organization due to the inability to continue operating and providing products and services with the levels of commitment previously agreed and acquired.
There are many examples, especially in the financial sector, although few recognize it. In July of this year, the Incident Response Center of Mexico warned of possible intrusive activity in the databases of Invex, Santander and Inbursa Banks, and even Grupo Sanborns. In total, there was talk of the leak and sale through a Twitter social network account of more than one million user records.
A note about the sale of databases from two other banks, with more than 3 million users, recently emerged. However, both banking institutions denied the fact, even when the Network for the Defense of Digital Rights (R3D) found that the documents offered included personal data such as names, RFC, gender, address and even account balances.
These numbers should put into perspective the urgent need for the authorities, company directors and us as citizens, to assume a shared and active responsibility so that each one, from our possibilities and scope of action, promote the legislative discussion on this matter. to strengthen the country’s cybersecurity, protecting the interests of each group or sector, and providing legal certainty, so that cybercrime does not become an overflowing issue of a national security nature.
Editor’s Note : Manuel Alexandro Moreno Liyes Director of the Sales Enabling Area at IQSEC. Follow him on . The opinions published in this column correspond exclusively to the author.