Corporate Cybersecurity | Speaking with Genís Margarit

November 30 marks International Cybersecurity Day. According to data, in 2022, cybercrime accounted for 16.1% of all crimes reported in Spain.  

To protect against these threats, it is important to have a cyber defense strategy that includes regularly updating systems and software to fix vulnerabilities, educating users about digital scam tactics and how to avoid them, and using robust security solutions to detect and remove malware.  

To celebrate the day, and raise awareness of the importance of cybersecurity in today's world, we spoke with Genís Margarit, director of La Salle-URL's Master's in Cybersecurity Management and an expert in the sector.   

How did you get involved in the sector?  

My start in the cybersecurity sector was quite interesting and closely related to the Organic Law on Data Protection (LOPD) 15/99 and Royal Decree 1720/2007 in Spain. These regulations were fundamental in establishing the basis for data protection and information security in the country. 

I realized the importance of protecting personal information and how data breaches can have devastating consequences for individuals and organizations."

- Genís Margarit, director of the Master in Cybersecurity Management at La Salle-URL

LOPD 15/99 and RD 1720/2007 were crucial for the development of cybersecurity in Spain. These regulations not only set the rules for the protection of personal data, but also established sanctions for those who do not comply with these rules. This has led organizations to take cybersecurity seriously and to invest in data protection measures.  

In addition, these regulations have helped raise awareness of the importance of cybersecurity and have led to the creation of new employment opportunities in the sector.   

How has cybersecurity in Spain evolved in recent years?  

Previously, the main focus was on ensuring the availability of systems and protecting them against possible technical incidents. This involved measures such as system redundancy, the creation of backup copies and the implementation of disaster recovery protocols.  

The evolution of cybersecurity in Spain has been remarkable in the last two decades."

- Genís Margarit, director of the Master in Cybersecurity Management at La Salle-URL

However, the landscape has changed dramatically due to the rise of cybercrime. This has led to a shift in cybersecurity prevention strategies, with a much more focused approach to confidentiality and access control.  

This involves implementing measures such as data encryption, two-factor authentication and access permission management to ensure that only authorized individuals can access information.  

Today, security measures not only seek to ensure that systems are available, but also that the information they contain is secure."

- Genís Margarit, director of the Master in Cybersecurity Management at La Salle-URL

In addition, greater emphasis has been placed on detecting and responding to security incidents, with the aim of quickly identifying any security breaches and taking action to mitigate their effects.  

What are the main cybersecurity threats today? 

1. Vulnerable Systems: Vulnerable systems are those that have weaknesses in their security that can be exploited by an attacker to perform unauthorized actions. These vulnerabilities can be the result of programming errors, incorrect configurations or lack of computer security updates. Attackers can exploit these vulnerabilities to infiltrate systems and steal information, disrupt services or perform other malicious activities.  
2. Digital Scams: Digital scams are fraudulent tactics used by cybercriminals to trick people into obtaining personal, financial or business information. These scams can take many forms, including phishing, where attackers pose as a trusted entity to trick people into providing sensitive information, or ransomware, where attackers encrypt a user's data and demand a ransom to unlock it.  
3. Malware: Malware, or malicious software, is a type of software that is designed to damage or perform unwanted activities on a computer system. This includes viruses, worms, Trojans and spyware. Malware can be used to steal information, damage systems, create botnets to perform denial-of-service attacks, and many other malicious activities. 

What role does awareness play in preventing cyber-attacks?  

Awareness plays a crucial role in the prevention of cyber-attacks. However, it is a mistake to focus solely on awareness programs for information system users.  

In addition to user education, it is essential to implement personnel selection policies that avoid hiring people who do not have the right characteristics. This means that organizations must be careful when hiring, ensuring that new employees have the necessary training and skills to handle information security. They must also have a character and work ethic that aligns with the organization's security policies.  

What advice would you give people to protect their data?  

To protect our data, individuals must take security and prevention measures. Currently, individuals are primarily responsible for ensuring their own online security, as public cybersecurity services do not offer free anti-malware tools, secure browsing, VPN, two-factor authentication, etc.  

Here are some tips you can follow to protect your data: 

1. Use anti-virus and anti-malware software: These programs can help protect your computer against online threats. Be sure to keep them updated so they can recognize and protect against the latest threats.  

2. Using a VPN: A Virtual Private Network (VPN) can help protect your online privacy by encrypting your Internet connection and hiding your IP address.  

3. Two-factor authentication: This is an additional layer of security that requires not only a username and password, but also something that only the user has on hand, such as a security code sent to their phone.  

4. Data backup: Make regular backups of your important data to protect against data loss.  

5. Updates: Keep your operating system and all your applications up to date. Updates often include security patches to protect against new threats.  

What challenges and opportunities lie ahead for cybersecurity in the future?  

Cybersecurity faces a number of challenges and opportunities in the future, especially in relation to quantum computing and the military use of cyberattacks with artificial intelligence. 

Quantum computing, although still in its early stages of development, has the potential to radically change the cybersecurity landscape. Quantum computers, with their ability to process information at exponentially faster speeds than traditional computers, could eventually break the encryption algorithms that protect past, present and future communications. This poses a significant risk to the secrecy of communications, as malicious actors with access to quantum technology could potentially decrypt sensitive information.  

Quantum encryption, which uses the properties of quantum mechanics to protect information, could provide a level of security that is virtually unbreakable by conventional methods."

- Genís Margarit, director of the Master in Cybersecurity Management at La Salle-URL

As for the military use of cyber attacks with artificial intelligence, this also poses significant challenges for cybersecurity. AI-powered cyber attacks can be more sophisticated and difficult to detect than traditional attacks. In addition, there is a risk that these attacks may have "collateral damage" on the public Internet, as attacks aimed at military targets may inadvertently affect civilian infrastructure that is connected to the same network. 

However, as with quantum computing, artificial intelligence also offers opportunities to improve cybersecurity. AI tools can be used to detect and respond to cyber attacks faster and more effectively than humans. 

MASTER'S DEGREE IN CYBERSECURITY MANAGEMENT

BOOST YOUR FUTURE!