Book analyzes risk management and addresses different dimensions of digital security in brazilian enterprises
NIC.br sectoral study gathers texts of national and international authors, and can be accessed free of charge
The COVID-19 pandemic further highlighted the relevance of digital technologies for enterprises, which saw the Internet as an essential infrastructure to uphold their operations and dodge the restrictions imposed by social distancing. But as connectivity becomes increasingly recurrent and important for the operation of enterprises, digital security is more than ever of utmost importance.
On May 17, to delve into the discussion on this topic, the Regional Center for Studies on the Development of the Information Society (Cetic.br) and the the Brazilian National Computer Emergency Response Team (CERT.br), both maintained by the Brazilian Network Information Center (NIC.br), launched the Sectoral Study publication named Digital security: an analysis of risk management in Brazilian enterprises.
The publication, which is part of the series called NIC.br Sectoral Studies, was officially presented during the Webinar Digital Security in Enterprises in a Context of Increasing Digitalization, which was attended by part of the specialists from different national and international organizations that make up the group of the book’s authors. The book, which is divided into four chapters and a conclusion, explores different aspects of digital security risk management, especially in small and medium enterprises (SMEs), and addresses issues such as incident measurement and consequences, risk management strategies, ecosystems and cooperation in order to have a more secure digital environment.
One of the chapters, authored by Cetic.br|NIC.br, is based on data from cognitive interviews, conducted with professionals from Brazilian enterprises, carried out within the scope of cooperation between NIC.br and the Organization for Economic Cooperation and Development (OECD), on the topic of measuring digital risk management practices.
The publication also presents data about the main security incidents observed by CERT.br|NIC.br in Brazil, as well as an overview of digital security in Latin American countries, presented by the Economic Commission for Latin America and the Caribbean (ECLAC). All chapters converge on the importance of measurement, including in the context of SMEs.
“In view of the increase in activities and services that are carried out in digital means, it is essential to develop a culture of security and face the different types of digital threats. In light of the digital transformation, producing indicators that support public policies on the topic of digital security, as well as broadening the debate on the subject, are key issues to be discussed in the scope of policies and business management,” says Alexandre Barbosa, manager of Cetic.br|NIC.br.
The General Manager of CERT.br|NIC.br, Cristine Hoepers, points out that, in the daily life of organizations, it is the simplest problems with established solutions that cause the most successful attacks. “Thus, it is with essential measures, such as keeping all software updated, hardening all systems and devices, and improving the identification and authentication processes in services and systems, that we can move forward and reach a healthy digital ecosystem, which depends on all the players in the chain: suppliers, IT and security professionals, and users.”
The Sectoral Study Digital security: an analysis of risk management in Brazilian enterprises can be accessed free of charge at: https://cetic.br/en/publicacao/seguranca-digital-uma-analise-de-gestao-de-risco-em-empresas-brasileiras/ (available in Portuguese). To watch the release of the publication again, broadcasted in English, Portuguese, and Spanish, please visit: https://www.youtube.com/playlist?list=PLQq8-9yVHyOYMCbzCP_9llkKRwgUtRLZs.
The Regional Center for Studies on the Development of the Information Society, of NIC.br, is responsible for producing indicators and statistics about Internet availability and use in Brazil, disseminating analyses and periodical data about the development of the Internet in the country. Cetic.br is a Regional Center of Studies under the auspices of UNESCO. More information at https://www.cetic.br/.
CERT.br is the Brazilian National Computer Emergency Response Team. Since 1997, they are responsible for handling security incident related to networks connected to the Internet in Brazil. The Center also handles activities related to trend analysis, capacity-building, and awareness-raising, aiming at increasing the levels of security and Handling Incident capacity in Brazil. More information at https://www.cert.br/.
About the Brazilian Network Information Center – NIC.br
The Brazilian Network Information Center — NIC.br (https://www.nic.br/) is a private nonprofit civil entity. In addition to implementing the decisions and projects of the Brazilian Internet Steering Committee, it also has the following responsibilities: coordinate the registration of domain names – Registro.br (https://www.registro.br/), study, respond to and manage security incidents in Brazil - CERT.br (https://www.cert.br/), study and do research on network technologies and operations – Ceptro.br (https://www.ceptro.br/), produce indicators about information and communication technologies - Cetic.br (https://www.cetic.br/), implement and operate Internet Exchange Points - IX.br (https://ix.br/), enable the participation of the Brazilian community in the global development of the Web and underpin policymaking - Ceweb.br (https://www.ceweb.br), and host the W3C São Paulo Chapter (https://www.w3c.br/).
About the Brazilian Internet Steering Committee – CGI.br
The Brazilian Internet Steering Committee, which is responsible for establishing strategic directives relative to Internet use and development in Brazil, coordinates and integrates all the Internet service initiatives across the country, promoting technical quality, innovation and the dissemination of the services provided. Based on the principles of multisectoriality, transparency and democracy, CGI.br represents a democratic model of governance on the Internet, internationally praised, in which all sectors of society equally participate in its decisions. One of its creations was the 10 Principles for the Governance and Use of the Internet (https://www.cgi.br/principios). More information at https://www.cgi.br/.