Cyberspace is at a critical stage in which governments, public agencies, private sector entities and individual users are waging battles over rights, while security and safety are becoming key issues, according to Álvaro Écija, managing partner of ECIX.
He adds that it is essential that cyberspace users diagnose their situation and identify cyberthreats to which they are determined, the main security strategies they can implement in order to counter such threats and, where appropriate, mitigate the risks that could arise.
“Cyberspace facilitates the realisation of new risks and threats,” says Écija. “The cyber attacks presented in the form of cyberterrorism, cybercrime, cyberespionage or ´hacktivism´, can be used aggressively against individuals and public and private institutions.”
Écija says the lack of identification and management of such cyberthreats appears to be intrinsically related to a lack of awareness of the security risks associated with cyberspace, as well as an inadequate assessment of the cyberthreat, which is often perceived as uncertain or unlikely.
“To cope with an ´enemy´ in cyberspace, it is necessary to measure and manage the risks that are identified in an objective and systematic manner,” he says. “To this end, it is essential to have a strategy, supported by tools and methodologies to perform a detailed analysis of each of the risks, through catalogues of assets, threats and vulnerabilities, as well as methodologies able to adapt to the peculiarities of cyberspace.”
Cyber compliance represents an ally that works effectively in identifying – under objective criteria – the existing probability of a risk that could affect your environment, Écija says. “This would be achieved using a cyberthreats assessment, mapping of the elements at risk, a vulnerability assessment, and an estimation of the costs and benefits involved in the implementation of a comprehensive cybersecurity strategy.”