SOCRadar® Cyber Intelligence Inc. | Navigating the Cybersecurity Landscape: Insights from José Carlos Hurtado Hernández
Home

Resources

Blog
Aug 27, 2024
5 Mins Read

Navigating the Cybersecurity Landscape: Insights from José Carlos Hurtado Hernández

This interview is part of our ongoing series with industry leaders who share their experiences and strategies in the cybersecurity field. In this edition, we feature Jose Carlos Hurtado Hernández, CISO of the Seguros G&T. With his extensive experience managing complex projects, José Carlos offers valuable insights into how organizations can navigate the evolving cybersecurity landscape. This series aims to provide professionals with diverse perspectives on enhancing security measures and addressing the challenges posed by emerging threats.

Cybersecurity has become a fundamental priority for organizations across all sectors in the increasingly digital and interconnected world. As cyber threats grow in complexity and frequency, the need for robust strategies to safeguard critical assets has never been more urgent. 

Jose Carlos Hurtado Hernández, a seasoned executive with deep expertise in navigating the cybersecurity landscape, offers invaluable insights into how organizations can effectively manage these evolving challenges. Hernández’s perspectives highlight the delicate balance between leveraging cutting-edge technologies and reinforcing core security principles to build resilient defenses.

The Double-Edged Nature of Emerging Technologies

Artificial intelligence (AI) and machine learning (ML) transform cybersecurity, offering powerful tools for automating threat detection and streamlining tasks. However, José Carlos emphasizes that these technologies also introduce significant risks when misused by attackers. 

Hernández advocates for a cautious and thoughtful approach to AI and ML, urging organizations to fully understand the implications before integrating these tools into their cybersecurity strategies. Ethical considerations and control mechanisms are essential to ensure these technologies enhance security without creating new vulnerabilities.

José Carlos believes that human actions remain the most significant threat despite these advancements. Hernández stresses returning to cybersecurity fundamentals—enterprise architecture, secure development, and thorough risk analysis—to build a robust defense against traditional and emerging threats.

Addressing Top Threats and Prioritizing Investments

In sectors like insurance, particularly in Central America, ransomware, third-party risks, and security breaches are top concerns. Ransomware, with its potential to halt operations and disrupt critical services, poses a severe threat. As digital transformation accelerates, the reliance on third-party providers introduces new vulnerabilities, making vendor security a key focus. Protecting sensitive data, from financial information to health records, is more crucial than ever.

José Carlos emphasizes that organizations should prioritize recovery capabilities regarding cybersecurity investments. “Restoring systems, infrastructure, and data after an attack is vital, with threats evolving rapidly. Organizational resilience, supported by robust recovery strategies, should be at the heart of any cybersecurity plan.”

Strengthening Defenses: A Holistic Approach

Combatting threats like ransomware requires a comprehensive approach. Jose Carlos Hurtado Hernández advocates protecting the end user—often the weakest link—through restrictive policies and a strong cybersecurity culture. Aligning enterprise and software architectures is another critical step, as it minimizes vulnerabilities and reduces the attack surface.

The rise of remote work has expanded the attack surface further, necessitating a shift in cybersecurity strategies. José Carlos describes how his organization adopted a “zero trust” approach, ensuring secure communication and continuous asset monitoring to adapt to this new environment.

Leveraging Cyber Threat Intelligence and Ensuring Supply Chain Security

Cyber Threat Intelligence (CTI) plays a crucial role in proactive cybersecurity. José Carlos highlights the importance of learning from case studies of organizations that have faced attacks, using these lessons to anticipate and prevent similar incidents. Tools like SOCRadar have proven invaluable in monitoring Dark Web activities and enabling swift responses to emerging threats. 

Ensure the security of the supply chain in tandem with CTI; Jose Carlos Hurtado Hernández stresses the need for rigorous processes, including regular monitoring and auditing, to ensure that suppliers and vendors adhere to the highest security standards. Integrating threat intelligence into these processes can strengthen the organization’s security posture.

Building a Strong Cybersecurity Culture

For Jose Carlos Hurtado Hernández, a strong cybersecurity culture is as critical as any technological investment. He believes that cultivating this culture across all levels of the organization requires continuous effort and support from senior management. “Effective communication is key, especially when engaging with non-technical stakeholders,” he added.  

By framing cybersecurity issues in business terms and focusing on their financial and operational impacts, José Carlos bridges the gap between technical challenges and business priorities, making cybersecurity a strategic concern for everyone.

Investing in talent is equally important. José Carlos advocates for increased funding to attract and retain skilled professionals who can navigate the complexities of cybersecurity, ensuring that the organization is prepared for current and future challenges.

In conclusion, Jose Carlos Hurtado Hernández encourages organizations to prioritize cybersecurity as a technical challenge and a critical mission. “Protecting the organization and society from the growing threats in the digital world requires a balanced approach that combines emerging technologies with solid fundamentals, strategic investments, and a pervasive cybersecurity culture.” His insights offer valuable guidance for leaders and professionals, providing a clear path forward in the ever-changing cybersecurity landscape.