Somos FCC - Nº5

What are the main cybersecurity risks for businesses today? Are they the same as for private indivi- duals? Some risks are common to compa- nies and individuals such as loss of information and phishing, however, the consequences can be different, as well as the impact. An informa- tion leak can expose the company to sanctions and significant damage to image and reputation. For busines- ses, the main risk is not being aware of the need to develop a cybersecu- rity management system capable of dealing with the growing threats rela- ted to the use of new technologies. To what extent is cybercrime one of the most profitable crimes of the 21st century? In its Global Risks Report for 2018, the World Economic Forum warned individuals and businesses against inaction and urged them to prepare for sudden and dramatic disruptions caused by cybercrime. As a result, the same organization has put cyber- crime among the three global risks for this year 2018. According to data published by government agencies and statistical centres, global cyber- crime related losses amount to more than $320 trillion by 2017, with a fore- cast to reach $6 trillion by 2021. With this figure, cyber-crime is alre- ady the second largest organized cri- me in terms of turnover, surpassing drug trafficking and second only to international arms trafficking. Can certain attacks be prevented? While recognizing that absolute se- curity is not feasible and would be in- finitely costly, we can affirm that pro- per and effective risk management can reduce the likelihood of an attack and mitigate its consequences. Awa- reness raising and training of emplo- yees about threats in cyberspace, for example, significantly reduces the likelihood of an email attack. What are FCC’s cybersecurity solu- tions? Since 2006, the FCC Group has had a department specialising in cyberse- curity to deal with the growing threat scenario related to the use of new technologies and, in particular, cy- berspace. In recent years, we have invested resources in technologies and specialized personnel to address these new technological risks. FCC’s commitment to information securi- ty led us in 2007 to become one of the founders of the Spanish Associa- tion for Information Security ( www. ismsforum.es ) and to promote the first edition of Spain’s cyber-exercises with four other entities in 2011. Our commitment to the professionaliza- tion of cybersecurity has prompted us to promote the implementation of in- formation security management sys- tems at FCC’s various businesses, obtaining ISO27001 certification in Aqualia, Construcción and Servicios Industriales. In short, we believe that, in today’s technological world, cyber- security must be a constituent part of all business processes to ensure the protection of our assets and opera- tions. Can you give us some advice on cy- bersecurity? The best advice I can give is to con- sider cybersecurity as everyone’s responsibility. From the point of view of the citizen, I would like to call for proactive vigilance about new forms of communication. The use of new technologies must be linked to cons- cious and constant information and training about them in order to use them correctly and thus avoid unne- cessary risks. I recommend consul- ting regularly or subscribing to the relevant education and awareness portals such as https://staysafeonli- ne.org/ Do businesses need to be aware of the required cybersecurity invest- ments and include this chapter in their annual plans? Of course. Cybersecurity must be part of risk management. All orga- nisations, whether public or private, need to include technological risk in their strategy. Investment in equip- ment and systems as well a.s training of human resources can only be ca- rried out through adequate budgeting. Traditionally, cybersecurity has been seen as a cost rather than an invest- ment, but today it is proving that in- vesting in the effective management of technological risks strengthens our relationship with our customers, pro- tects our brands and ultimately adds value to our service offering. I N T E R V I E W Gianluca D’Antonio CIO of FCC Group’s Information Systems and Technologies Division C O M M U N I C A T I O N 66 C O M M U N I C A T I O N