Swivel Secure interviews Nathaly Rey, Executive Director, ISMS Forum Spain

Nathaly ReyISMS Forum is a non-profit organisation which promotes the culture of information security in Spain. The association provides a platform for companies, public organisations, experts and universities, to share their experiences and knowledge of different areas of cyber security. With more than 800 members, ISMS Forum is the largest Spanish network of experts and organisations engaged in information security. Its members comprise leading experts from banking, government, health, telecommunications, insurance, energy, utilities, information technology, audit and legal sectors. For more information please visit www.ismsforum.es

What role do you see Swivel Secure playing within ISMS Forum?

Swivel brings to the Forum a new approach to authentication through its innovative tokenless and one-time-code technologies. These contribute to building a trusted digital identities ecosystem, which is crucial to making cyber space more secure.

Why do you think it is important to have a global organisation, such as Swivel Secure as a member?

Like many other global companies such as HP, IBM, Symantec, McAfee, etc. Swivel provides us with a greater understanding of innovations and trends affecting information security, which enables our members to better manage their cyber security programs. ISMS Forum also provides our members with the opportunity to understand how their technologies and solutions meet local users’ needs, expectations and concerns. This is driven by local laws and regulations, organisational cultures, and the local industry’s level of maturity and understanding of information security.

What are ISMS’s priorities for 2013?

The main priorities of ISMS Forum for the next 12 months include:

Fostering the role of security within public and private organisations. It’s time for cyber security to be acknowledged as a Board-level business risk.

Increasing the commitment of regulators and policy makers within cyber security, and promote their debate and collaboration with the private sector through activities such as information sharing and joint cyber exercises.

Continuing our ongoing objective to enhance knowledge and understanding of the risks to information security in Spain and continue to train local experts.

What do you think are the biggest security threats facing Spain over the next five years?

The lack of transparency and information sharing regarding cyber security incidents is one of the major problems affecting information security in Spain.  A dispersed and weak regulatory framework is also a barrier to improving national cyber security.

Areas such as mobile, cloud computing and critical infrastructures, which are growing in popularity, will attract more threat agents. Mobile in particular is a fast growing trend and attackers will undoubtedly make use of mobile exploits to gain access to corporate networks.

On the other hand, as devices such as smartphones, laptops and tablets do not have adequate protection in terms of encryption and password security, data loss and identity theft incidents are also likely to grow. Cloud computing and the high concentration of data stored within the cloud will also be a very attractive target for attackers.

Meanwhile, advanced persistent threats (APTs) are likely to be launched against more types of organisations, especially by those hackers that go after high value intellectual property. Critical infrastructures may also be at increased risk of cyber attacks as their control systems are increasingly connected to the internet.