As an industry analyst, you have to use all the tools available to you in order to get your finger on the pulse of the markets.
Watching advertisements is one of my favorite ways to do this, as you can deduce a lot of things about the state of the economy, or even just a segment of it, only by watching the slew of 30 second televised sales pitches during a popular sporting event.
During a recent trip to New York, I was surprised to see a couple of information security-related ads at the airport, as they are very unusual to find in Latin America. Normally, they are confined to industry media, the type that will capture the attention of IT decision-makers.
So, I started to wonder whether the U.S. and Latin America had a substantial difference in cybercrime, as this might justify the increased exposure of such solutions. Or if perhaps the level of awareness regarding cyber-security varies greatly across both regions.
Analyzing Both Markets
In order to get some answers, I took a look at some of our previous research, which showed that North American IT decision-makers placed responding to security threats as their third challenge, following the alignment of IT with business strategies and migrating to the cloud. Meanwhile, their Latin American counterparts placed security as the second challenge (the first is also alignment of IT with business strategies), at the same level of migrating to the cloud.
Furthermore, in Latin America, cybersecurity is the main IT investment today and in the short term, with 66% of those who responded to our survey saying they are spending on this now, while 24% are planning to do it in the next two years.
Among top cybersecurity concerns, malware ranked first (64%), followed by cybercrime (63%) and cyber-espionage (56%).
A seasoned expert in security in Latin America, Ghassan Dreibi, Latin America Business Development Manager at Cisco, also agreed that in terms of security attacks our region is very similar to the rest of the world, and in some cases even worse.
A context of computers without proper updates or security patches, operating with software without license, leaves the region more vulnerable to attacks. For example, according to Cisco’s Security Report for mid-year 2016, risks associated with JBoss servers in Brazil is at 16% (compromised servers as a share of total servers), while this rate is 11% in the United States or 7-10% in Europe.
Another metric that Cisco tracks is the average years during which the company’s own devices have been vulnerable. While North America has an average of 5.6 years, South America has an average of 5.8 years.
Even so, Dreibi sees differences among the countries in Latin America. Some of them, like Mexico or Chile, are more in line with other regions in terms of awareness and investments in security. Brazil is also an advanced country, although its recent economic crisis has led to some “slowness” in investment. Meanwhile, Argentina and Colombia are just starting to pick up the pace, together with Panama and Costa Rica.
False Security Perceptions
According to Pablo Dubois, Regional Security Product Manager at Level 3, Latin America has always been one step back from the more developed regions in terms of security adoption. Now this gap is less notable, but it still exists.
In addition, Dubois indicates that in countries like the U.S. it is normal to inform about security breaches or attacks, while that does not happen in Latin America. Hence, there is a false perception that the region is more secure.
Cybersecurity is becoming more and more a critical part of every company’s IT strategy. And while some regional differences still exist, it is clear that for cybercrime, the world is one — there are no boundaries.
IT strategists must recognize this fact and act upon it, without relying on their next visit to an airport to learn about new security software.