Webinar details cybersecurity precautions
DATE: 05/23/2024
Organized by IBEF-Rio (Brazilian Institute of Finance Executives) and conceived by Horiens, the online event brought together 65 participants
The webinar “Jornada de Cyber Security: Principles and compliance with the LGPD, responses to security incidents and Cyber Security, critical infrastructure and the position of the CISO on the national scene” was organized by IBEF-Rio (Brazilian Institute of Finance Executives of Rio de Janeiro) with the support of ABGR (Brazilian Association of Risk Management) and conceived by Horiens. The online event brought together 65 participants, who were able to delve deeper into the subject.
Calza Neto, a specialist in privacy and data protection at the law firm Calza Neto e Klunk Advogados, spoke about the principles and adaptations to the LGPD (General Personal Data Protection Law). “I see a large number of companies and public bodies that are not in line with the LGPD, even though it has been in force for four years,” he said.
According to him, companies need to be vigilant and adopt a series of measures, such as mapping the data to be reported to the ANPD (National Data Protection Authority) in the event of incidents, reviewing current contracts, including obligations and responsibilities for data processing, creating policies to provide an environment with clear rules, and reviewing security protocols.
“In addition to all of this, training employees and teams is essential to bring about a change in behavior. We live in a digitalized and connected world. People need to realize that safe habits aren’t just at work,” added Calza Neto.
Next, Tiago Neves Furtado, from Opice Blum Advogados, addressed the importance of responses to security incidents. “We are facing a risky scenario. Companies have to understand that the question is not if or when they will experience a cyber incident and how they will deal with the incident that will happen. You have to change your mindset: don’t just think about how to avoid an incident, but discuss how to deal with it.”
Furtado recommended some important actions to make the right decisions when necessary. According to him, the exercise is to prepare beforehand. “We need to establish rules and processes that integrate international best practices and frameworks with Brazilian legislation. Taking a ‘snapshot’ of what information is being handled and which systems and repositories are used by the organization, so that the reaction to an incident is swift and there is a coherent response to the ANPD, the Central Bank and business partners.”
Horiens’ CISO (Chief Information Security Officer), Ronaldo Andrade, was part of the panel of experts on the subject for this webinar, which was mediated by Marcia Ribeiro, from IBEF-Rio and ABGR, and opened and closed by Elio Duzzi, senior business development at Horiens.
“Security and business must go hand in hand and be integrated. Security cannot be seen as an obstacle, but rather as a facilitator for generating business,” said Andrade. The challenge, according to him, is that threats emerge and are renewed every day, whether they come from information technology, such as phishing (fraudulent communications) or ransomware (data hijacking), or from cyberactivism or even cyberterrorism.
As the expert explained, only 37% of companies in Brazil actually invest in cybersecurity. “There is still a lack of cybersecurity culture in companies and government incentives. It’s a long road, but we see good prospects. Cyber insurance has become a seal of excellence. It has grown and gained importance within organizations and insurance companies, which have seen the evolution of policies and evaluations with ‘good eyes’.” Andrade concluded the meeting by saying that conscious citizens generate robust companies and resilient nations.
The meeting also included a space for participants to bring questions and even cases from their own environments, enriching the exchange of knowledge within the group.