*A Fortinet anunciou que aumentou o seu nível de parceria com a organização sem fins lucrativos WOMCY – Latam Women in Cybersecurity. A Fortinet agora faz parte do mais alto nível de parceria, a categoria “CyberTech”, e pretende capacitar mais mulheres para a indústria de segurança cibernética, garantindo pluralidade e ajudando a preencher a lacuna global de profissionais do setor que está em 3,14 milhões.

A Fortinet busca estabelecer parcerias para fortalecer ainda mais a infraestrutura de segurança cibernética na América Latina e incentivar a diversidade no setor, promovendo e capacitando mais mulheres para ingressar nesta área, garantindo a pluralidade de perspectivas e de soluções. Como parceira de nível “CyberTech”, a Fortinet participará ativamente de ações como a feira virtual de carreiras WOMCY, programas educacionais, palestras, mentorias, webinars, sessões de discussão, reuniões e conteúdos e artigos nas plataformas e canais da organização.

“Estamos muito entusiasmados em dar continuidade a esta parceria, expandindo as nossas ações e a participação em toda a América Latina e o Caribe. Queremos aumentar a nossa contribuição para essa causa crucial e incentivar a pesquisa, a inovação e o compartilhamento de conhecimento, construindo assim uma comunidade sólida de profissionais mulheres na vanguarda da defesa cibernética”, disse Elisa Ball, diretora de Recursos Humanos da Fortinet para a América Latina e o Caribe.

Liderada por mulheres, a WOMCY é uma organização dedicada a promover a segurança cibernética entre as mulheres. A organização sem fins lucrativos tem como foco o desenvolvimento da segurança cibernética a partir de dois segmentos, educacional e corporativo, aliando formação e talento para o mercado de trabalho. Esta aliança estratégica entre a Fortinet e a WOMCY visa minimizar a escassez de talentos no setor e promover a diversidade na indústria de segurança cibernética na América Latina.

“A parceria com a Fortinet é muito significativa para nós. A Fortinet tem sido uma das maiores apoiadoras do nosso trabalho na WOMCY. Essa parceria nos permite ampliar o nosso alcance e executar ações com uma das empresas líderes em segurança cibernética na região da América Latina. A Fortinet fornece a plataforma para capacitar os nossos programas para uma comunidade que inclui líderes de segurança cibernética, funcionários, estudantes e aqueles que buscam iniciar ou avançar em suas carreiras em segurança cibernética. Juntos, estamos unindo esforços para aumentar e maximizar a participação das mulheres na segurança cibernética”, disse Leticia Gammill, presidente da WOMCY.

A parceria entre a Fortinet e a WOMCY começou em 2021, quando as empresas assinaram um acordo, e a WOMCY passou a fazer parte do programa de treinamento global, Fortinet Education Outreach Program. O objetivo do acordo é trabalhar para reduzir a lacuna de profissionais capacitados e promover a diversidade na indústria de segurança cibernética na América Latina por meio da capacitação e da certificação dos membros da WOMCY nos cursos Fortinet Network Security Expert (NSE).

Ser um parceiro CyberTech da WOMCY é mais um passo significativo no compromisso da Fortinet em promover a excelência na indústria e desenvolver talentos em segurança cibernética, uma área reconhecida pelo Fórum Econômico Mundial como uma das mais essenciais para um dos principais problemas que o mundo enfrenta hoje, as violações e os ataques cibernéticos.

De acordo com o Relatório Global de Habilidades em Segurança Cibernética de 2023, a escassez de habilidades em segurança cibernética contribuiu para que posições críticas nas áreas de tecnologia não fossem preenchidas, aumentando os riscos cibernéticos das organizações. Como resultado destas funções não preenchidas, 68% das empresas relataram enfrentar ameaças cibernéticas adicionais. Estima-se que sejam necessários 3,14 milhões de profissionais para preencher a lacuna global da força de trabalho em segurança cibernética, que continua a ser uma prioridade para os Conselhos de Administração, e há uma procura executiva por mais funcionários de segurança de TI.

Como parte do Fortinet Training Institute, o Programa de Extensão Educacional trabalha com líderes globais para impulsionar mudanças em questões urgentes de segurança cibernética. As parcerias se estendem à indústria, ao meio acadêmico, ao governo e a organizações sem fins lucrativos para garantir o alcance de toda a sociedade. Ao oferecer oportunidades de treinamento e certificação e conectar os profissionais ao ecossistema de empregadores da Fortinet, a companhia ajuda a preencher a lacuna de habilidades em segurança cibernética.

*Informações da assessoria

Semiconductors are the center of the world’s technological projects. Semiconductors and chips are essential components of smartphones.

Apple advised that they will cut their production of the IPhone 13 as a result of the chips scarcity (Bloomberg, October 12, 2021).

On its part, Facebook seems to have joined the Google and Microsoft approach, deciding to reduce their dependence on Broadcom, Intel and Qualcomm and would commence to put in place a strategy to produce specific chips for their central computers (The information).

With the arrival of 5G and also the use of multiple chips in automobiles and other fields they have become a strategic supply.

The lack of semiconductors for automotive manufacture have for example caused SEAT, the Spanish company (SEAT Motor España, Asturias Motor S.A., SEAT Deutschland GmbH) to propose an ERTE (Temporary Regulation Rule), between September 20 and June 30, 2022, in three factories in Cataluña (Europa Press), without indicating the personnel reduction percentage which would apply.

The U.S. reduced their semiconductors production for their own usage from 37% to 12% between 1990 and 2021 (Intel). What is news is that Intel will invest 80 billion US dollars in Europe during the next decade having signed in September 2021 an agreement with the European Union, aiming for digital sovereignty in 2030, ahead of the European Chips Act.

Ursula von der Leyden, President of the European Commission, announced on September 15th the European Chips Act and said that the objective is to create a latest generation European Chips ecosystem including its production, guaranteeing their supply requirements and developing new markets for European Innovative technology.
The objective during the so called “Digital Decade” is to increase the production of semiconductors from the presently 9% to 20% in 2030, looking at the Asian giant.

However in a decade China is expected to be technologically independent.

This full process started in Europe in December 2020 with the DSA and the DMA.

The European Competence Commissioner Margrethe Vestager, presented the ambitious norms for the Internet of the future until 2030, in a decade.

Also the European Commission proposes a single charger unit for the European Union (Reuters), which would became effective in 2024. The aim is an only same standard for the benefit of consumers, facilitating the usage expansion independently from brands, thus reducing costs. At present the main ones are micro USB, USB-C and Apple’s Lightning.

Another measure in the same direction is the extension established of Industry Committee of the EU during 10 years for free roaming for the residents of the EU within it.

The European legislation is planned for the present decade and the tendency is to increase the responsibilities of the large technological platforms regarding the use contents’ algorithms.

Cybersecurity

According to EURACTIV’s Luva Bertuzzi, the European Commission in 2022 will be working on digital initiatives from Brussels and also a Cyber Resilience Act.

This would be an expansion of the UE 2019/ 796 Council regulation design taken account of the supposed cyberattacks from China and Russia, directed to implement sanctions such as freezing funds and other economic means. This EU Cyber-resilience law would provide “a common Cybersecurity standard for interconnected devices”.

Cyber-resilience can be defined as the capacity to resist, protect and defend the use of the space from attackers (incine.es).

Cybersecurity is a priority for the 27 countries that form the EU. Therefore the EU has been speaking since October 2020 about “quantic encryption” and “instrumenting a resilient and digital Europe” (EU 23/3/2021 Cybersecurity Strategy Conclusions).

Cyber diplomacy

With the objective of forming an international coalition, the U.S. made a same call for a virtual meeting to thirty countries, excluding Russia and China, where representatives of Australia, Brazil, Canada, Dominican Republic, United Arab Emirates, Nigeria, South Kores, South Africa and Ukraine participated.

Cyber defense

Cyber defense is for defending critical infrastructure.

Cyber diplomacy and cyber defense are the main strategic matters for the U.S.

Leer aquí este mismo artículo en español

On July 2nd 2021 the US company Kaseya with offices in Miami, Florida, suffered a cyberattack which they described as “a potential attack on VSA”, their star product, a management and monitoring software.

Kasaya is a world supplier and one of the most important in the US.

A considerable sized ransomware overtook this software making Kaseya having to partially take down their base so as to avoid further damage.

Hundreds of users were alerted immediately. Early on 200 affected companies were mentioned, however this figure increased to thousands as assessed by the Cyber and Infrastructure Security Agency (CISA), considering the supply chain included in another 16 countries such as Sweden, UK, Canada, and Germany.

In Sweden the cash registers of the supermarket chain Coop stopped functioning and 800 stores had to be closed. At least 8 companies servicing hundreds of others may have been “compromised” (The New York Times).

The cyber pirates obviously requested a ransom. There is talk of millions and hundreds of thousands dollars depending of the size of the affected company.

There was an immediate reaction by president Joseph Biden ordering an investigation of this new attack to go ahead.

On May 12th 2021 Joseph Biden, as President of the United States of America, signed an Executive Order on improving the Nation’s Cybersecurity.

It objective is “to identify, detect, protect against and respond to these actions and actors” as a reaction to cyberattacks suffered since the beginning of his administration which obtained a large amount of classified information with Solar Winds and other attacks such as on the Colonial Pipeline and JBS as I explain in detail in my article “Cybersecurity: the future wars have started”.

The Government’s effort to improve and guarantee cybersecurity was accompanied by a request to the Congress for 10 billion dollars for that objective.

Military cybersecurity requires a separate mention.

Joseph Biden, the USA President, and Vladimir Putin, President of Russia, met in Geneva, Switzerland, on June 16, 2021 and discussed this matter and there was an attempt to show this as an “entente cordiale”.

An agreement was made to reestablish mutual ambassadors, not to return to the Cold War, about the having a nuclear confrontation being an unacceptable possibility, and the benefits of exchanging opinions on cybersecurity. Vladimir Putin said in the press conference which followed the meeting: “there is work to be done”.

Hardly a few weeks after President Joe Biden asked Vladimir Putin to slowdown the cybercrimes, a notorious cybercriminal band has been accused of carrying out an audacious attack on the global software supply chain (William Turton on Bloomberg, Urgente 24).

In my opinion, cybersecurity has become a new enhanced National Security matter.

The cyber pirates have attacked central security areas of American society, its food, gas/fuel supply, its technology and management.

Facing this situation the ransom payments themselves become less significant.

Paraphrasing  Bill Clinton, another Democrat President, we can summarize and conclude by saying: it’s the supply chains, stupid.