The global technological explosion brings with it many advantages on the one hand, and threats on the other. The growth of networks and information makes it necessary to consider certain parameters for the care not only of companies, but also of the users who rely on them.
One of the most important challenges of the digital era is cybersecurity, and if we are talking about authoritative voices, there is nothing better than to turn to Liliana Mira, a systems engineer who has worked for many years in multiple companies in the area of software development and everything related to regulations.
"Cybersecurity is one of the disciplines within information and communication technologies, what we call ICTS, which basically consists of analysing the risks associated with a digital ecosystem and managing the procedures that allow you to implement measures or tools that help you protect yourself," Mira said.
To give an example, one can think of a house being built by an architect and, at one point, think of installing an alarm or camera to act as a self-protection element. In IT terms, this is called cyber security.
However, in times of so much technological development, it is impossible not to wonder about the "real" tools that companies have to protect not only their database, but also that of their customers. In this line, who also works as a university lecturer, made a concrete analysis.
"The security budget is only now being taken more into account. Today in the market we can find companies that carry out penetration tests to check the healthiness of the network, configurations are used to protect against certain threatening events such as downloading an email with a virus, to cite a simple case".
"Therefore, there is a large market of tools but at a really high cost, and companies are looking for access to those that are indispensable to cover themselves against potential threats; it is a dilemma they are facing today, which leads them to ask themselves 'do I invest quite a lot of money in a potential threat, or do I dedicate it to another area of production'; that is the current dilemma."
In this context, there is one aspect that is impossible to ignore. In many cases, hacks take place, but the companies themselves are not aware of them. "However, when they do find out about it, it is because the impact has been high. The difficulty in knowing whether the damage is greater than the preventive investment lies in the fact that hacking can take place at any time without anyone realising it," Mira said.
The expert, who also graduated as a psychologist, referred to the importance for companies of "quantifying the value of their customer databases, something that not all of them do", the cost of unavailability of a portal or home banking and also the cost of the experts to be paid to correct the incident.
"What actually happens is that companies know they are vulnerable to potential attacks, and the debate becomes where do I invest the prevention money. If I have a 20-storey building, it is difficult to protect everything, but perhaps I am aware that it is in my interest to ensure greater security on the first five floors and the main entrance door. It's about thinking about where I put the fortress," Liliana explained.
The future of cyber security is an enigma: will risks grow, will peace of mind gain ground? For the engineer, we are "in a major hinge period of transition". After emphasising that technology "makes our lives easier", she stressed the need to "know how to use it to our advantage and to ensure that it is at the service of a better quality of life".
For this reason, he said: "We need to raise awareness of cybersecurity, acquire good practices and strengthen concepts. The better prepared we are and the more we know about the risks around us, the better response we will be able to offer.
How do we think? Why are we so vulnerable? These questions led Mira, after years of research, to coin the concept of psycho-cybersecurity, which is based on an analysis linked to the vulnerability of the "ordinary" citizen who is often swindled when making virtual purchases.
The emotional factor
"There is a big factor to take into account in humans, which is the emotional factor. People approach things differently, they react differently, so what I propose is to do a psycho-cybersecurity analysis that involves seeing how your security side is at the technological level, and seeing on the other side how vulnerable - or strong - your conformation is from the human point of view".
In this context, he called for companies to start thinking more about how to capture the attention of their customers when it comes to advertising campaigns or alerts. "The same ad is not equally effective for 5,000 potential consumers. You have to analyse whether a certain form of communication is what the other person is cognitively ready to receive. Everyone has different emotions, and to understand how a user operates, you need a better understanding of how those emotions act".
As a result, he stressed the need to "strengthen the weakest link, which is the human", and for that to happen, "we must know it, and not just invest only in strengthening hardware and software, because that is not enough to think about greater cyber security", he concluded.