On June 8, 2021, Privacy Tools conducted the event “LGPD and Cybersecurity”, part of the live stream series “Privacy Above All”. The chat took place on YouTube, from 8 am to 9 am and featured three guests.
They were Andrea Thome (Director of Cybersecurity Solutions at Everis), Leonardo Militelli (CEO of GAT/Ibliss), and Colonel Eugênio Moretzsohn (a leading figure in cybersecurity and national security). The event was conducted by Leonardo Chies of Privacy Tools.
Here are some highlights that were mentioned by the guests during the chat about cybersecurity:
Security improves, but so do the threats.
Andréa Thomé, Director of Cybersecurity Solutions at Everis, commented that she has seen society become much more exposed, but the threats are evolving. “Digital transformation has exposed us even more. The trends of Society 5.0 have led us to bring technologies into our homes, and this increasingly exposes people and companies to cyberattacks and fraud.”
According to Andréa, we have an important set of tools; in two decades we've seen enormous learning. "The more you are attacked, the more you learn. The level of maturity of companies is better, but..." We have the human factor as a point susceptible to attacks.The director emphasizes that the ability to react to these new variables means that society has to rethink information security.
Exposure window is still a problem.
Leonardo Militelli, CEO of GAT/Ibliss, emphasized that the human factor has always been a challenge and continues to be so in this era of remote work. "The human element can be the weakest or the strongest, depending on the level of expertise," he stated.
The CEO of GAT also highlighted that there are many ransomware attacks in Brazil. According to him, The average time to correct a system failure is 112 days."That's a very long time, especially when you consider that cybercriminals are becoming increasingly quick to develop their tools," he warned.
“What we call the window of exposure, which is this time frame, is exploited by hackers. It has been a major challenge for companies, and perhaps the problem lies in the culture and processes.” Militelli believes that the greatest vulnerability lies in the processes. “If there were basic hygiene in terms of information security, we would have a more mature situation.”
Hackers vs. crackers
Consultant Colonel Eugênio Moretzsohn added that unprepared individuals are the weakest link in the security chain. “It’s a matter of qualification. People need to stay updated on what’s happening in cyberspace. Humans are not passive agents.”
Moretzsohn also explained to the event's attendees the difference between hackers and crackers: the former are people who understand the digital world, test our vulnerabilities, and provide services. The criminals, on the other hand, are the crackers.
Regarding phishing, a type of scam that is becoming increasingly common, the consultant notes that it now comes with a sophistication: voice files are created to increase interest and urgency so that the person clicks. An example is those offering free enrollment in a course with a certificate. The person clicks on the link, without any reference, and enters their data. "What you have to do is stop and think: pick up your cell phone and call someone you know who has experience, ask them what they think," he advised.
