The second edition of Panda Security Summit 2019, held in Madrid, highlighted the main lines of action that both companies and public institutions need to adopt in order to protect their environments against cyberattacks.
In this sense, threat hunting strategies take on an ever more central role in the approach to security processes, since they imply not only detection, but also analysis, hypothesis formulation and resolution, even before the threat can materialise, as well as the incorporation of the patterns learned into the detection model.
Furthermore, the experts also underlined anticipation and intelligence production as key factors to face up to cyberattackers’ new modus operandi. In this scenario, it is more necessary than ever to apply zero-trust policies.
The day kicked off with Juan Santamaría, CEO of Panda Security, who reminded the attendees that one of the most vulnerable focal points, and one that draws most attention from cyberattackers, are governments and public administrations. Hence the initiative to create an event where the focus is on action strategies and methods to stop attacks that violate citizen security.
Both Santamaría and José Sancho, President of Panda Security, emphasised the trajectory of the company, which grew 12% in 2018, consolidating itself as one of the pioneers in the development of endpoint protection services.
Next, María Campos, KA and Telecoms at Panda Security presented Cytomic, a new business unit that completes the company’s specialisation in the enterprise segment. The main differences that Cytomic brings are based on the layers of service, which provide the additional value of the technology-service duality. Campos pointed out that the enterprise segment makes up 15% of the company’s turnover; its aim with Cytomic is to accelerate the current growth to over 40%.
During his speech, Josu Franco, Strategy Advisor at Panda Security made a point of the fact that cyberattackers are using software that is already installed on the endpoint, which means that they don’t need to employ downloadable files. The challenge, said Franco, is detecting threats that stem from the user, who in many instances, belongs to the organisation itself. This means that this particular threat requires the sophistication of security analyses. Finally, he stressed that cybersecurity needs to tend towards data science.
From the European Commission, Rafael Tesoro, Programme Officer, highlighted the alarming increase in cybersecurity incidents, which has been facilitated by a highly fragmented European cybersecurity market in which smaller European companies are acquired by large companies from outside Europe. This exacerbates brain drain in the continent, as well as the difficulties in accessing more intuitive, competitive and innovative technologies that adapt to Europe’s own regulation and management models. To face this, Tesoro stressed the relevance of the NIS directive, and how it is working to increase each country’s cybersecurity capacities, European cooperation, and the security models and alerts that are currently being put in place.
Pete Shoard, Senior Director Analyst at Gartner delved into the management models that allow for a balance between machine learning and automated tasks with risk management and monitoring by CIOs and heads of IT. Shoard focused on behavioral analysis when it comes to efficient threat hunting strategies in companies.
Curro Márquez and Jesús Ponce, from Cyberintelligence at Telefónica, emphasised cyberintelligence as a pillar of digital security, since it considers anticipation, protection, detection and response. To optimally carry out and manage cyberintelligence, Márquez and Ponce pointed out that the company must know their own security needs, so that it can use the necessary sources, tools and processes, both their own or third-party, that allow them to carry out quantitative analyses that can be reversed once again and enrich the entire process.
Lucas Varela, e-Crime & Security Analytics Manager en CaixaBank discussed the role of cybersecurity as a previous requirement and an enabler for new financial businesses. He also demonstrated how CaixaBank applies intelligence systems to detect threats, a strategy that includes studying efficiency within Incident Response processes, and studying banking malware.
The speeches finished with Pedro Uría, Director of PandaLabs. Uría emphasised the company’s hunting services and used real cases to demonstrate how to get ahead of new threats with this technique. He also reminded the attendees that malware is no longer a problem, and that the challenge currently lies in increasingly sophisticated targeted attacks that don’t use malware; the only valid approach is a zero-trust policy, in which nothing should be run unless you trust it.
The attendees were able to find out about threat hunting strategies to guarantee the cybersecurity of companies and institutions through two speeches and four immersive workshops run by Panda Security specialists.