EN 
ES 
THE OPERATIONS AND CYBER SECURITY MANAGER OF THE DEPÓSITO CENTRAL
DE VALORES, NELSON FERNÁNDEZ, DELIVERED DETAILS OF HOW THE COMPANY
FACES THE CONSTANT TASK OF BEING AT THE FOREFRONT IN DIGITAL SECURITY.
Nelson Fernández, Operations and Cybersecurity Manager of the Depósito Central de Valores explains that the social outbreak was a prelude and allowed both he and the entire cybersecurity team to prepare (without knowing it at the time) for what has been the five months of teleworking. In this interview, he explains how the largest custodian of securities in Chile has constantly prepared and works to have the highest standards in digital security, and how remote work has been a new challenge. “In cyberspace, a poorly focused (careless) curiosity can be the cause of great problems,” he warns.
What have been the principal challenges facing cybersecurity today?
Currently the challenges have several fronts of action: some more immediate and others more long-term in terms of cybersecurity development in the company:
The adaptation that the contingency itself has demanded from us. First with the social outbreak (as a prelude and preparation) and the subsequent health emergency, which we have had to manage for more than 5 months. The changes that these two situations have raised with the greatest emphasis is the protection of the last bastion of cybersecurity: the people and the technological resources they use to carry out their work (the workstation). This has also accelerated the deployment of capabilities aimed at targeting attacks on company assets.
This has mobilized us towards improvements in the protection of what we know as end-point. At DCV about two years ago we had already worked and strengthened powerful initiatives that allowed us to strengthen the protections known as perimetral (access to applications and services that we offer through the Internet). And, on the other hand, we had long ago established that remote access (from outside the office to the business resources) had to be protected. This has been one of the areas for improvement both for the access mechanisms and for the protection of the end-point itself.
"Looking to the longer term, together with my team we think that the challenges lie in establishing roadmaps and making the hard concepts that this discipline handles (in technical terms) understandable to all those involved. We are currently working on a review of our IT strategic plans, which will include these topics for better development and understanding of cybersecurity functions"
Nelson Fernández, Operations and Cybersecurity Manager
Does the current pandemic context and the fact that workers work from computers in their own homes make systems more vulnerable?
Not exactly. The existing vulnerabilities remain more or less the same. What happens is that the development and emphasis of cybercrime has put more attention to people’s workstations, increasing their possibilities. This, by trying to access business resources by attacking and exploiting vulnerabilities in these workstations. With remote work, the formerly last defense (the user and their workstation) becomes more exposed, becoming part of the company’s first line of defense.
This is why phishing and malware have grown. In relation to this flank we have had to take greater precautions, delivering information to people, strengthening technical tools, paying greater attention to the devices that people use to connect to work and thus cope with this matter.
How does DCV face the challenges and constant changes regarding this issue?
"The greatest certainty that the industry has is taht will be constant change in cibersecurity issues, The emulation of the real world in the networks is increasing and any of the aspects thats we know in our coexistence as a society, I am sure that sooner or later will its simile in ciberspace".
Nelson Fernández, Operations and Cybersecurity Manager
The greatest certainty that the industry has is that there will be constant change in cybersecurity issues. The emulation of the real world in the networks is increasing and any of the aspects that we know in our coexistence as a society, I am sure that sooner or later will have its simile in cyberspace.
DCV has adopted a list of best practices and we constantly seek to keep people up to date and trained to understand how to address ever-changing threats. With this, a permanent focus is maintained on developing the initiatives and projects in order to address these issues. The specialized knowledge of how threats operate, the constant search for vulnerabilities, the review of new trends in both defense and attacks allow us to design and implement a path that, although it will not be without problems, will allow us (and currently allows us) to offer our services and benefits to make our way through cyberspace, more or less calmly.
What do you think will be the big trends regarding this
topic in the coming years?
Remote work is a certain possibility, and it will surely be considered a much more common way of working from today. The use of digital transactions has also intensified, possibly to the point that many industries will change or enhance this sales channel. Regarding this point, crypto-currencies, artificial intelligence, internet of things, social networks, exchange value in the network, etc. will probably follow. This configures scenarios rich in possibilities and therefore material for cybercrime, on which we maintain our attention and anticipate as best as possible the elements to be incorporated regarding the protection and privacy of the company in the digital world.
I think that a good alternative is always to compare the situations faced in the digital world with what happens to us in the real world. For example:
- I think that a good alternative is always to compare the situations faced in the digital world with what happens to us in the real world. For example:
- If you have not participated in a raffle, bingo, or contest, do not expect a gift to arrive at your doorstep. So, if you receive an email that says they give you 1 Million Euros, it is certainly a scam.
- If you know that in life you have to prepare, get a job, to obtain the necessary resources to satisfy your needs, don’t wait for an email to solve this whole journey in one click.
- It is also not a good idea to give the keys to the place where you live or where you have precious goods for you to anyone due to consequences that this could have. So, it is not a good idea to give your credentials (username and password) where you have your bank account to an unknown entity that asks for them.
- If you are offered a pill on the street, a closed box or something that you do not know its content, you would hardly accept it and you would probably not use it. In the same way, you should not accept to download programs or documents on your computer without knowing their origin and content.
In cyberspace, a misfocused (careless) curiosity can be the cause of big problems.
Center News
