SICUR CYBER draws attention to the fact that 82% of data breaches are related to human error.

82% of data breaches are related to human error, according to the cybersecurity experts who participated in SICUR CYBER, part of the International Security Fair held from 27 February to 1 March at IFEMA MADRID. The speakers also analysed the regulatory framework related to private security and highlighted, among other issues, the importance of controlled access for any cybersecurity plan.

In her speech on cyber manipulation, Elisa Yamaguchi of SOSAFE gave warnings about and explained how a cyber-attack unfolds among a company's employees and how to "minimise the damage by being ready to identify such attacks". She stated that “82% of data breaches are related to human error” and added that “we are facing a landscape of digital threats which are more complex than ever, in which fields such as artificial intelligence, phishing, supply chain attacks, ransomware, geopolitical crises and MFA attacks among others come into play”.

Yamaguchi warned that “hackers manipulate us using behavioural science and psychology”: She added that “global events continue to be the perfect bait for phishing campaigns, including geopolitics, global health emergencies, economic crises and other events”. In her opinion, “these types of attack work because they play on the victim’s sensitivities”.

The most-used channels for attacking companies in 2022 were “email, with 61% of the total, social media (34%), text messages and calls (29%) and messenger apps (26%). What’s more, “artificial intelligence poses a new danger for cyber-manipulation”. This expert also highlighted that “organisations must strengthen their cultures of security and are already planning to do to”.

Safety Devices

Roberto de Los Santos, Sales Engineer at Axis Communications, made reference to cybersecurity in the life cycle of security devices, and stated that “no device connected to the internet is immune from cyberattacks”. He also warned that “not all attacks come from external sources, often they come from within the company itself”.

In terms of prevention, he stated that this issue is shared between “system integrators and the end clients, who are also responsible for the systems”. He confirmed that “we are committed to developing systems which are as cyber-secure as possible, and when a vulnerability is discovered, remedying it as soon as possible”. Finally, he reviewed the main methods and requirements for products to remain cyber-secure throughout their life cycle.

Physical cyber-security

Natxo Rojo, Business Director at Dorlet Security, contributed a series of recommendations to make a physical security solution cyber-secure. He also analysed the regulatory framework related to private security and highlighted, among other issues, the importance of “controlled access for any cybersecurity plan”. He explained that “Europe is working on a series of directives and also binding acts for all member states related to cybersecurity, cyber resilience and artificial intelligence”. In this regard, he also highlighted the importance of cybersecurity certifications, both those issued by national bodies and agencies, as well as those of mutual recognition between countries, and those issued by the European Union Agency for Cybersecurity (ENISA). He reiterated that “ certifications are the only means to assess whether a product complies with cybersecurity conditions”.

The programme will continue on Thursday 29 February at SICUR CYBER with speeches such as ‘Cybersecurity applied to physical security systems’, with Jordi Alonso and Juan Carlos Fúnez, Corporate Directors of products and IT respectively at Casmar.  ‘Cybercrime strategies of law enforcement’ will also be presented with spokespersons from the Guardia Civil, National Police and Mossos d’Esquadra and the scope of certification of cyber security engineers will be addressed.

On 1 March, the last day of the exhibition, SICUR CYBER will close with three speeches: ‘Social Engineering and Physical Security’, ‘Biometric Data Processing for Security Purposes’ and ‘Cybersecurity Training and Pathways for Building Skills'.

In addition to SICUR CYBER, at the International Security Exhibition the FORO SICUR will also be held, a space for analysis and debate on the importance of comprehensive security for socio-economic development and social and individual well-being and the challenges facing the sector, as well as for presenting new developments and innovations; and the Speaker’s Corner of EXO CORNER, the new section in collaboration with the Instituto de Biomecánica (IBV) which will address the arrival of exoskeletons in the sectors of security and occupational health.