In recent months, we have seen private sector companies, public service organizations and government entities fall victim to cyberattacks, mainly of the ransomware type, which put high-value data and even critical infrastructure at risk. Given the impact that this issue represents for the businesses and finances of companies, I dare to say that 2022 needs to be a year in which companies devote more attention and action to the challenges that today make them easy targets.
Among the challenges that we observe from the conversations we have with executives and clients from across the region, as well as from various sectors, is first of all the infrastructure and systems that have not been updated. Many companies still rely on legacy contracts with vendors that lack modern security technologies and practices that prevent increasingly sophisticated threats, resulting in higher costs and increased security risks.
My second conclusion has to do with a high preparation and professionalization of cyberattacks that have the ability to target their actions towards weaknesses in the software supply chains, whose suppliers do not have the tools or the experience to stop them. This is an open door for them to steal high-value information from governments and corporations, generating an economic impact that is already estimated between 2 and 10 trillion dollars, which represents almost the combined value of the five companies with the highest capitalization of market in the world. And finally there is the factor of the existing gap of people who are not trained to anticipate or face these threats, a fact that not only affects a region or country but is also evident at the global level.
That said, what may be the 2022 resolutions that companies could take on in terms of cybersecurity and what can we do from our position? Although I do not believe that there is a clear roadmap for all organizations, I can share the experience we have when building computer systems.
The first point I suggest is that organizations implement and scale zero trust security models (zero trust, in English and as it is known in the sector). This term represents the idea that no person, device, or network enjoys inherent trust. That is, trust must be earned to allow access to any information. Properly implemented, zero trust computing provides the highest level of security for organizations. Another important aspect that I share is strengthening digital security skills and expanding the workforce that focuses on it. In the end, strong cybersecurity is built by the people who implement it. For this purpose, I would like to emphasize that we can start from the most basic, which is to promote cybersecurity awareness and protocols among the general population, and go forward to bet on developing digital skills that give them the ability to design and execute cybersecurity solutions.
On the other hand, as players in this sector, we can evangelize and expand the knowledge and benefits of native cloud technologies, which, beyond just working to store, also provide threat detection services and support companies to mature their programs. of security. An example of this is the Google Cybersecurity Action Team (GCAT), a security advisory team with a unique mission to support the digital transformation and security of governments, critical infrastructures, as well as businesses of all sizes.
The cyber attack landscape, which expanded exponentially with the onset of the Covid-19 pandemic and later with remote work, was a call for action to address these issues more decisively. 2021 emphasized cybersecurity as a global imperative and encouraged new ways of thinking to address the consequences of attacks. I have no doubt that this issue will represent a joint collaboration between various parties ranging from governments, the private sector and even academia. It is time to promote a new era in cybersecurity through innovative solutions and experiences that allow society, governments and companies to enjoy collective security, economic growth and innovation.
*Red ForbesPresident of Google Cloud Latin America