In today’s digital landscape, cybersecurity has emerged as a non-negotiable priority for companies of all sizes and industries. The increasing sophistication of cyberattacks and the devastating financial consequences of security incidents highlight the urgency of robust protection strategies. At the second meeting of the Business Impact Network (BIN) for Innovation & Tech, held at Saint Paul Business School, C-Level executives and board members discussed the challenges and opportunities in implementing cybersecurity strategies. In this article, we explore the lessons learned by companies in adopting security measures, the specific obstacles faced by small and medium-sized businesses, and the regulatory and cyber insurance initiatives that are shaping the future of cybersecurity in Brazil.
From Resistance to Recognition: The Crucial Role of Incidents
“Cybersecurity is the fourth biggest concern of the World Economic Forum, behind only fake news, climate factors and political polarization” Daniel Barbosa, Vice President of Strategy, Digital Transformation and Supply Chain at Bloomin' Brands, opened the discussion by sharing his own experiences. Daniel explained how Bloomin' Brands bolivia whatsapp data began monitoring and analyzing security incidents, establishing comparative metrics with the market. This step was essential to understand where they were in terms of cyber maturity and identify critical areas that needed improvement. The implementation of Artificial Intelligence for threat detection stood out as an innovative measure, allowing a faster and more accurate response to attacks.
Additionally, he also shared how Bloomin' Brands sought out strategic partnerships that helped solidify a centralized view of safety, integrating different systems and processes for a more cohesive and effective approach.
The Panorama of Cyber Maturity in Brazil
Raquel Tonin, CEO of LS Retail, an Aptos Company, highlighted a recent survey that analyzed the cyber maturity of companies in Brazil. The results showed that, on average, Brazilian companies scored 49 out of 100, indicating a significant level of risk. Raquel emphasized the need to effectively communicate these risks to boards of directors, illustrating how large financial losses can occur due to cybersecurity failures, emphasizing: “Either the company has already been attacked, or it is being attacked and you don’t know it.”
Challenges of Small and Medium Enterprises
The meeting also addressed the specific challenges faced by small and medium-sized businesses in the context of cybersecurity. The development of guides and best practices tailored to these companies, which often lack the resources and expertise to implement robust security measures, was discussed. Awareness and appropriate regulation were highlighted as essential elements to help these companies better protect themselves.
Engaging the broader ecosystem, including industry associations and the third sector, was seen as a vital strategy to foster a stronger and more inclusive cybersecurity culture.
Cybersecurity Regulation and Self-Regulation
Participants at the event discussed ongoing efforts to regulate and self-regulate cybersecurity in Brazil. The risks of overly complex or generic regulations that could make it difficult for companies to comply were mentioned. The need to involve the private sector and other stakeholders in the regulatory process was widely recognized, with a view to creating standards that are both practical and effective.
Proposals for a national cybersecurity strategy and the creation of a dedicated regulatory agency were also discussed, highlighting the importance of a coordinated and well-structured approach.