Hackers cost companies US$4.5 million and threaten sovereignty – 11/11/2023 – Panel SA

Alberto Leite heads the Exa group, one of the largest in data protection. The name refers to a unit of measurement greater than mega, giga or tera. It represents the inestimable value of information that criminals try to steal via the internet every day. Since then, Leite has attended international monitoring and combat forums. Last year, Brazil was the target of 103 billion digital offensives and companies suffered losses.

Have we already experienced a cyber war?
Here the interest is in the kidnapping of data, people and companies. There was the case of the Fleury laboratory, a repeat offender, in fact. Americanas, Renner, Banco Pan. Correios and TRF-1 [Tribunal Regional Federal da Primeira Região] they also had attacks. These are different episodes from what happens in Ukraine and Israel, where, in fact, there is a cyber war to destabilize the countries for political purposes.

How much did companies lose from these attacks?
On average, US$4.5 million per attack, regardless of whether it was successful. The calculation was made based on what was reported by the companies.

Are we safe?
The 15 largest cybersecurity companies are foreign. Although the solutions are good, the country lacks laws so that, in cases of an offensive, the government can reach the criminal. In other words, our cyber sovereignty is in danger.

How to solve?
I was recently with the Minister of Defense and representatives from the Ministry of Justice. I defend the creation of a National Cybersecurity Policy. It needs to impose criteria for the performance of companies in this sector in the country. Examples: obliging them to have headquarters here and, in the case of investigations, to hand over data on possible perpetrators of crimes.

Should we follow the US example?
Yes. Three months ago, President Joe Biden passed a law defining these criteria. Many cybersecurity companies left there. Others were banned.

Why does the SEC [CVM dos EUA] Does today force companies to disclose relevant facts when they suffer attacks? Because it affects the business. It is sensitive information that can affect a company’s assets. The investor has the right to know whether the company is vulnerable to make his decision [de investimento]. The CVM should follow this path. It is past time for Brazil to have a national cybersecurity agency.

X-RAY

Training: Administration (Uniceuma) with specialization from Columbia Business School
Career: Director of Telemig (1999-2003); COO of Moinhos Jerônimo (2004-2006); COO Teeleap (2006-2007); CEO of Supportcommon (2007-2009); founder and CEO of EXA (since 2009)

With Diego felix It is Paulo Ricardo Martins

LINK PRESENT: Did you like this text? Subscribers can access five free accesses from any link per day. Just click the blue F below.