São Paulo/SP – January 6, 2023. The monitoring of information and security events is a set of activities and technologies for collecting and analyzing information in order to detect suspicious behavior or unauthorized changes in the network and in the technological environment of your company. Incident response, in turn, is the set of activities or process to react to threats such as cyber attacks, security breaches and unavailability of services.
*By Mark Paul
In recent years, Brazil has been among the countries in Latin America and the world that suffer most from cyber attacks, and experts on the subject expect the volume of attacks to grow in the coming years. Faced with this scenario, the government, regulatory agencies, municipalities and institutions are increasingly establishing requirements that push companies from the most varied sectors to adopt controls related to cybersecurity and data privacy, with the aim of identifying threats, responding to incidents and recovering from them.
For companies, investing in processes, people and technologies related to cybersecurity means not only protecting their information and their relationships with consumers, suppliers and partners, but also complying with such requirements, since many of them provide for fines and penalties in cases of inadequacy or non-compliance.
What is incident monitoring and response?
The monitoring of information and security events is a set of activities and technologies for collecting and analyzing information in order to detect suspicious behavior or unauthorized alterations in the network and in the technological environment of your company, determining which situations should generate alerts and which measures should be taken. Incident response, in turn, is the set of activities or the process for reacting to threats such as cyber attacks, security breaches and unavailability of services.
Faced with the growing scenario of threats and cyber attacks, both processes become fundamental to ensure greater visibility, efficiency and security, not only in your company's environment, but also in the entire ecosystem (customers, partners and suppliers). Due to their relevance, these processes are increasingly mentioned in laws, resolutions, circulars or ordinances.
Examples – Requirements:
Below are examples of Laws, Resolutions and Circulars from Brazilian regulatory bodies that determine the need to establish cybersecurity controls focused on monitoring and responding to incidents.
LGPD (Law No. 13,709 of August 14, 2018)
- “Art. 46. Processing agents must adopt security, technical and administrative measures capable of protecting personal data from unauthorized access and accidental or unlawful situations of destruction, loss, alteration, communication or any form of inappropriate or unlawful treatment.”
BACEN (CMN Resolution No. 4,893, of February 26, 2021)
- “Art. 3 The cybersecurity policy must include, at a minimum:
II – the procedures and controls adopted to reduce the institution's vulnerability to incidents and meet other cybersecurity objectives;
III – specific controls, including those aimed at the traceability of information, which seek to guarantee the security of sensitive information;”
SUSEP (Circular No. 638 of July 27, 2021)
- “Art. 5 The supervised body must have, and keep updated, processes, procedures and effective controls for:
I – proactively identify and reduce vulnerabilities; and
II – detect, respond to and recover from incidents.”
- “Art. 6 The processes, procedures and controls mentioned in item II of art. 5 should include, at a minimum:
I – continuous monitoring of the communication network, through techniques that assist in the detection of incidents;”
ANATEL (Resolution No. 740, of December 21, 2020)
- “Art. 5 The natural or legal persons directly or indirectly involved in the management or development of telecommunications networks and services must act in Cyber Security observing the following guidelines:
V – identify, protect, diagnose, respond to and recover from Cybersecurity incidents;”
ANEEL (Resolution No. 964, of December 14, 2021)
- “Art. 3 The guidelines for acting in cybersecurity are:
V – identify, protect, diagnose, respond and recover from cyber incidents;”
In the previous section, we listed examples of requirements present in Laws, Resolutions and Circulars at the national level. However, it is important to note that there are also international regulations and standards that impose cybersecurity requirements and may affect your company's business and operations, for example PCI DSS (Payment Card Industry Data Security Standard) and the Sarbanes-Oxley Act. Observing and ensuring compliance with such requirements not only enables greater security and transparency, but also avoids the fines and negative publicity arising from non-compliance, or even from a cyber incident.
Regardless of the legislation applicable to your company's business and operations, the growing number of threats and cyber attacks justifies the need for greater attention, establishing a monitoring and incident response process, and making investments in people, processes and technology to protect your information.
How can we help?
SAFEWAY is an Information Security consulting company recognized by its clients for offering high value-added solutions through projects that fully meet the needs of the business. In 14 years of experience, we have accumulated several successful projects that have earned us credibility and prominence with our clients, who largely make up the 100 largest companies in Brazil.
Today, through 25 strategic partnerships with global manufacturers and our SOC, SAFEWAY is considered a one-stop shop with the best solutions in technology, processes and people. We have both the technical skills and the experience necessary to assist your company in structuring controls and preparing the environment for the implementation of an ISMS, SGS or SGCN and, consequently, certification of operations, services or companies to the ISO27001, ISO20000 or ISO22301 standards.
In order to support companies in this process of evaluation and adaptation to the requirements of the LGPD, [SAFEWAY] has in its portfolio of services the Cybersecurity Health Check, whose objective is to carry out a diagnosis of the CyberSecurity, Information Security and Data Privacy controls implemented in your company, covering the pillars of Processes, People and Technology.
Through the Cybersecurity Health Check, risks associated with information security and the privacy of internal processes and activities are identified, and existing and new controls are evaluated according to the size of your organization, in order to raise the level of maturity and compliance in accordance with good information security practices. If you would like more information, contact one of our experts!