Francisco Robayo is a cyber security expert with 15 years of experience in the sector and more than 20 years in IT. He has been linked to Check Point for 10 years, holding various positions in the LATAM region. Currently, he is the Engineering Leader for Latin America and the Caribbean and part of the Office of the CTO.
He trained as a Systems Engineer in the Army Polytechnic School of Ecuador, where he obtained an excellence scholarship. He specialized during his time in the “Florida International University –College Business” with a“Certificate in Cybersecurity Leadership and Strategy”.
In this interview, Francisco Robayo shares expert insights into cyber security trends in the Latin America and Caribbean region, highlighting emerging threat types and providing business recommendations.
Please tell us about the cyber threat landscape in LATAM:
Well, Latin America and the Caribbean is a very particular region. It is an important emerging market that has a lot of visibility at a global level, but due to its current state of cyber security, is one of the most attacked regions in the world. For example, according to Check Point Research, an organization in Latin America and the Caribbean was attacked on average 1662 times per week in the last 6 months. This, compared to the world average (722 attacks per organization), is more than double and means a lot of challenges but also a lot of opportunities in cyber security.
Latin America is not a region of early adopters of technology and when it is done, in general, functionality prevails over security, which makes areas such as the cloud and the Internet of Things very vulnerable. At the same time, these areas have great potential for development.
On the other hand, there are many similarities with the rest of the world. For example, most of the malicious files in Latin America were delivered via email (86%), also the top malware is the reborn Emotet and one of the main threats we see is Formbook (Infostealer). All of these threats have greater impact in LATAM than in other places, of course.
Most targeted countries in the region?
According to Check Point Research, in recent months we have found Peru, Colombia, Bolivia, Costa Rica, Jamaica, Ecuador and Guatemala as the countries that are the targets of the most attacks in the region.
What is your perspective on why these countries receive the highest volume of attacks?
This is not surprising, since several of these countries have recently changed their government or political orientation or have experienced economic or political instability (a constant in the region), and the attackers either use this as a pretext or, as in the case of Costa Rica and Peru in May and June, we have seen a new level of attacks: Country extortion by ransomware gangs (Conti group). Costa Rica’s president had to declare a state of national emergency after the cyber criminals breached and encrypted the data of at least 27 Costa Rica government agencies, something I have never seen before.
What kinds of unique challenges do business leaders and security experts in the LATAM region face?
Beyond living in a very volatile region, the limitations associated with the lack of sufficient investment in cyber security and the fact that many companies and governments have not yet evolved their organizational culture to one in which cyber security plays a leading role are major challenges.
In general, there are no regulations and laws such as GDPR and others that protect data and the few that exist are ignored. However, in this non-ideal environment, cyber security experts in Latin America and the Caribbean have managed to open a space for companies and academia to begin to understand the importance that cyber security has for everyone on a day-to-day basis, and the impact of not being adequately protected.
While it’s difficult to generalize, where are LATAM security leaders excelling?
As is very common in the rest of the world, the first and main investments in cyber security come from the financial sector, which, for example, a few years ago was reluctant to invest in the cloud. Today, cloud is a very important market. This has served as an example for other sectors such as retail, education and government, showing them that they should prioritize investments in the cloud and in new connectivity for branches that, of course, have data protection needs. This will help the security market continue to grow.
Based on what you’re seeing in the field right now, what recommendations do you have for business and security leaders? LATAM and otherwise?
To summarize, take cyber attacks very seriously, as they can really kill companies, they can prevent governments from providing the most basic services to their citizens, and in general, they can change our way of life. Taking attacks seriously starts with the most basic levels of education, adopting a prevention-first strategy and an approach that is the responsibility of all actors involved in some way in cyber security; up to the highest levels of protection with the most sophisticated tools and processes that exist on the market. Finally, leaders should remember that the next cyber attack can be prevented following common sense principles and best practices.
Lastly, to receive more timely cyber security news, top-tier reports and cutting-edge analyses, please sign up for the cybertalk.org newsletter.