Cybersecurity is no longer just a matter of technology. It has become an essential part of business and companies have ceased to regard cyberattacks as a distant threat that only affects big companies. The challenges of cybercrime were the subject of discussion at the 2020 Cybersecurity Summit organised by the Esade Law School and the specialised firm CyberProof by UST Global.

This conference held at the Esade Forum gave industry experts a platform for discussing cybersecurity trends and the best practices for today’s companies which are increasingly digitalised and therefore increasingly exposed to cyber attacks. “Cybersecurity affects every single aspect of a company: its entrance hall, CCTV cameras and even members of staff. Until recently, photos were nothing special but now they provide enough biometric data to know everything about a customer”, pointed out Saúl Suaña of CyberProof by UST Global, before adding that “data leaks can compromise corporate growth.”

Xavier Ribas, co-director of the Master in ICT, Social Media and IP Law at the Esade Law School, explained that cybersecurity is a considerable challenge for companies as regards not only of finance, but also organisation and legal considerations. “Companies must have specific policies and must comply with all cybercrime preventive regulations. They must also take into account the possibility of having to pay damages to third parties: which may be much higher than actual sanctions”, he emphasised. 

In this respect, Rebeca Velasco, a lawyer specialised in digital law and corporate compliance and an academic assistant at the Esade Law School, pointed out that “cybersecurity is not just about technology.” She underlined the need to weave it into corporate culture as a preventive measure. Velasco said that this shift can already be seen in corporate organisation, with increasing numbers of companies having a chief information security officer (CISO) on their boards of directors with a view to preventing and responding adequately to cyber attacks.
 
Cyber attacks by competitors 

“We need training, our managers need training and so, above all, do the technicians watching out for attacks”, insisted Manel Alvarez, director of CyberProof by UST Global, who then explained how the corporate security perimeter has expanded in recent months to embrace the homes of executives because their families have become targets. Attacks focus on easy targets and the easiest is often a household wifi network.”

The speakers debunked the myth that cyberattacks are the work of criminals outside the business world. “The threats are next door. A company might try to block a competitor’s website so that customers stop buying there”, explained Suaña, who also mentioned that attacks of this type are particularly prevalent during the Christmas period and on specific occasions such as Black Friday.

The need for talent 

The heads of cybersecurity from the entities taking part in the 2020 Cybersecurity Summit such as Suez, Wolters Kluwer, Médicos Sin Fronteras and Fira de Barcelona, and likewise the Microfocus, Qualys and Sophos experts all agreed on the need to have personnel specially trained in cybersecurity. “One of the main challenges facing cybersecurity firms is the ability to pinpoint talented people and then encourage and retain them”, admitted Suaña. In this respect, Ribas pointed out how important it is to train lawyers specialised in this field because, “they need to be familiar not only with cybersecurity issues in order to be able to understand a technical report, for example, but also with specialised regulations.”