2024-01-11 00:13:16
The growth in the use of Information and Communication Technologies (ICT) in Cuba, with more than 8.4 million users connected to the Internet, of them more than 6.8 million through cell phones and an increase of electronic payments through the Transfermóvil and EnZona gateways have created conditions for cyber threats to also increase, which range from basic cyber attacks malware to more complex intrusions.
In this context, we spoke with Daniel Ramos Fernández, director of digital business at the Cuban Telecommunications Company (Etecsa) and expert in computer systems and cybersecurity, about some of the challenges that are foreseen in the field of cybersecurity for the present. anus.
OPS: According to the cybersecurity company, Kaspersky, in the last year in Latin America the attacks of malware against computers and mobile devices have seen an increase in attempted hacking attacks. phishing and banking trojans.
The government and finance sectors have been the most affected, as have Internet users. From January to September 2023, through the National Cybersecurity Center and the Etecsa Security Operations Center, more than 2,600 incidents were detected and managed, 70% involving natural persons.
These were associated with the occurrence of denial of service cyber attacks, the sending and receiving of spam emails, malicious traffic generated by malicious code, service scans and exploitation of vulnerabilities that have compromised websites and other computer elements and in the case of natural persons, cyberbullying, identity theft, and scams through digital social networks and electronic payment channels.
The main challenge for this year is the implementation of effective actions to create a culture of safe and responsible use of ICT among managers, specialists and the population.
DRF: The year 2023 was marked by an increase in cyber attacks worldwide, putting the security of companies and people’s data at risk. Human error is one of the main causes of cyber incidents in entities, where violations of information security policies by those responsible for computer security and users of these technologies prevail. Weak passwords are used and are not changed in a timely manner; staff visit unsafe websites and system software or applications are not updated when necessary.
The use of services or devices without a security guarantee is another important factor that causes cyber incidents. In this sense, we have detected the use of unauthorized systems and devices to share data that is confidential. Another reported action was the installation of unofficial software on work devices. We must pay particular attention to all these problems in the next stage.
In several organizations and entities it is necessary to create structures to address cybersecurity; In others, advance in the completion, preparation and management of area personnel. This year the first engineers who study cybersecurity at the University of Computer Sciences, UCI, graduate; But we must speed up the emerging training of specialists in short courses, expand the number of universities with undergraduate, postgraduate and higher technical university training plans.
OPS: A first-order challenge is to advance research, development and innovation (R&D&I) in cybersecurity issues, with the participation of actors with the possibility of contributing to this matter. While it is true that cybercriminals will continue to take advantage of advances in Artificial Intelligence (AI) to fulfill their criminal purposes, new opportunities are opening up for the development of innovative and effective solutions to protect our networks and services by taking advantage of AI and data analytics. .
It is essential that this year the creation of state cybersecurity entities that provide comprehensive solutions and increase the provision of services in different sectors is promoted. A priority will be to support the banking process with high levels of security in the technological organizations involved.
DRF: Continuity in strengthening technological security in the banking system; in critical infrastructures linked to ICT, Operational Technologies (OT) and automation; the development of the national antivirus, Segurmática; The consolidation of national platforms such as toDus, Picta and Apklis that guarantee greater technological sovereignty and the improvement of the incident action model are issues that require the greatest attention.
I would add that the legal regulations in this matter require permanent updating, because new problems and technologies emerge at great speed that immediately impact cybersecurity. Today the main norm is Decree No.360; but we have to aspire to have a law as a higher standard.
OPS: This will be a year of consolidation of the work of the National Cybersecurity Group and its provincial groups in order to implement the corresponding measures for the protection of cyberspace in each province and municipality. In November 2024, the III National Cybersecurity Conference will be held, with the participation of experts and specialists from various organizations and territories. The expected result must be in correspondence with the growth achieved in mobile telephone services, the Internet, the computerization of processes and the digital transformation of Cuban society.
Taken from CubaYes
#Cybersecurity #challenges #Cuba