Technology is constantly transforming and evolving, so public and private companies are increasingly betting on digitizing their services, whether to attract more customers or simplify processes, but this entails risks. At the same time, cyber attacks are becoming more frequent and are expected to multiply within the next three years.
Pablo Peón, founded DPD Lanzarote in 2017, a pioneer in cybersecurity on the island, convinced of the need to combat hacking, prevent espionage and provide companies with cybersecurity consulting, cyberintelligence and data protection. This is a sector of incipient demand, due to the limited perception of the risk of computer security among the population and companies of Lanzarote.
Its services are mainly focused on data protection. DPD Lanzarote has also immersed itself in the field of training and talks on technology and data protection, with projects that aim to bring to all schools and institutes of the island to promote awareness about the use of social networks, tools, internet risks, privacy and information security.
"Our security is the most important thing, all the confidential information that a company now has stored in the cloud, on external devices, on its corporate equipment, banking information, passwords, personal emails, balances, strategies, so imagine what could happen if all that data fell into the wrong hands."
Despite this, Peón laments that "there is no data culture, here the rule is to cover the file with three documents to get by. I believe that there is an ethical business duty to people and their data, both at a public and private level, which is often treated without being aware of the impact that misuse or malicious use can have on their lives." "Technology does not stop evolving, this continuous transformation, added to the constant regulatory changes, force companies to keep their security policies and processes continuously updated, in order to avoid the vulnerability of their data and that of their customers, as well as legal compliance with the resulting regulations."
The impact of the pandemic
Regarding the pandemic, Peón indicates that it was a real tsunami in the work processes. "The main change has probably been the forced transition to working from home. Companies did not organize any special training on secure interaction with corporate resources over the Internet, there was less control of the corporate IT department over devices, software and user actions generated greater risk, many companies did not provide their employees with corporate equipment."
"Instead, they allowed staff to work and connect to the office IT infrastructure from home devices, which in many cases were poorly protected, personal computers were used for work, personal devices were used for entertainment, playing online games and watching movies. There were also many who used the company's laptops and smartphones for unintended purposes."
All this led to an endless number of security breaches and vulnerabilities. The number of attacks skyrocketed exponentially, security breaches were discovered in legitimate video conferencing software, as in the case of Zoom. "There were other tools with greater security, more respectful of privacy and located in European territory."
Other phenomena inherent to Covid have been "identity theft, electronic correspondence from clients and government departments, false subsidies... in short, a tsunami of which I think we still do not know the consequences."
Cybercriminals have also actively taken advantage of the growing interest in online entertainment by trying to lure users to fake sites and persuade them to download malware disguised as movies or installation files. "Employees work from home, configure their own routers and networks, a practice that increases security risks.""
The consequences of the war in Ukraine
A new open front is the war between Russia and Ukraine, after which the concern for cybersecurity and data protection has been increasing, forcing the Government to develop a National Cybersecurity Plan in the face of the threat of attacks from Russian cybercriminals.
"Since the invasion, the number of attacks has increased a lot and the reality is that, at a national and insular level, we are a target for all groups of Russian (and non-Russian) cybercriminals," explains Pablo. "To avoid them, the key would be to provide public and private entities with resources to effectively implement the ENS or the real compliance with the security measures developed by the GDPR; thus we would be in a higher standard to continue applying the new plan effectively."
Cybersecurity in Lanzarote
In the case of Lanzarote, "cybersecurity and data protection issues are seen as a non-tangible service that is not highly valued, as science fiction, because there is a lack of awareness and modern business culture, something very difficult to achieve without the necessary infrastructure. I have been told on the island that cybersecurity is useless, when the reality is that we have been victims of cyber attacks in Lanzarote for years. Many companies are not aware of the extent to which their systems have been compromised," says the founder of DPD.
DPD has had to intervene in cryptocurrency wallet hacks (cryptohacking) to clients in hotels located on the southeast coast of the island, as well as in the capital, as well as in hacks to Instagram accounts of hotels, used to impersonate them and get information or manipulate their customers. Its founder argues that 99.99% of the entities on the island are vulnerable and have had, have or will have security breaches.
In addition, Lanzarote has become in recent years the perfect destination for digital nomads with the proliferation of teleworking, so it hopes that both the public and private sectors will try to promote a good network infrastructure, secure, sustainable and with resilience capacity.
"Cybersecurity and data protection is already very important in strategic business or national terms and at a global level there is no doubt that they will become even more important in the future," explains Peón. "Especially in Lanzarote I believe that there will be a greater general awareness about it, and that both the public and private sectors will try to promote plans so that the island is a geographical environment as safe as possible in order to attract investment".
