The concern of managers and entrepreneurs for information security, coupled with a greater awareness of the importance of defining corporate security policies and systems, is sparking a race for cybersecurity “weapons” on a global scale.
This trend, warns Strongstep, a spinoff of the Faculty of Engineering of the University of Porto specialized in software engineering, is corroborated by the latest data provided by ISO (International Standard Organization) for 2017, which places Europe in second position worldwide regarding the number of companies that have been certified under ISO 27001, an internationally recognized standard to ensure best practices for information security.
According to ISO, in 2017, of the 39,500 companies worldwide that have attained ISO 27001 certification, 14,605 are from Europe. Demand for this certification worldwide increased by 19% over the previous year, and in North American and African countries alone the number of certified companies increased by 43% and 34%, respectively.
“The financial impact of cyber attacks on companies such as Facebook and Google, or the case of banks in Canada where financial information has been stolen from over 90,000 customers, has led to an exponential increase in cybersecurity concerns,” says Pedro Castro Henriques, CEO of Strongstep.
The same official points out that, in the implementation of measures against cyber attacks, Portugal is well positioned, occupying the 22nd position among 49 European countries.
“ISO data point to a total of 112 Portuguese companies certified by ISO 27001 as of 2017. This record puts Portugal ahead of countries like Russia, Denmark, and Norway. There is a strong perception that these numbers will have increased significantly over the past two years, but it is also certain that there is still a long way to go,” he notes.
Strongstep's CEO gives the example of a national fintech, ebankIT, as one of the cases that reflects growing concern about security breaches.
“We recently supported ebankIT, a Portuguese fintech that develops an omnichannel platform for banks and credit unions around the world, to join the elite of ISO 27001, COSO and GDPR certified companies, thus improving security levels of information provided to its customers. In the course of this process, it was noticeable that the managers of this company understood the project as an almost mandatory requirement for companies working with banking entities, where sensitive data may exist, indicating a strong awareness that security breaches could endanger the corporate reputation of the organization, or even business opportunities,” says Pedro Castro Henriques.
For Carlos Fernandes, ebankIT’s information security manager, “the focus on this certification ensures that customers, partners, and suppliers know that your organization’s information will be handled in accordance with high standards of information security management and protection”.
Strongstep also notes that the concern of domestic small, medium and large companies has intensified since the entry into force of the General Data Protection Regulation (GDPR) in May 2018.
“GDPR has brought with it a growing care about personal data. Preventing customer leakage or data loss is one of the key requirements of the regulation, and from its entry into force, organizations have begun to invest in cybersecurity technologies that protect them from data theft through malicious software or information leakage,” concludes Pedro Castro Henriques.