Developed by the Digital Innovation Movement, the document brings together the best management and technology practices for data security
The Digital Innovation Movement (MID), an association that brings together the largest digital platforms operating in Brazil, launches a document that presents practical advice and guidelines to help companies create an effective information security strategy.
“With the approval of the General Data Protection Law (LGPD), companies rushed to adapt from a legal point of view, but there is still much to be done to actually have an environment protected once morest cybercrime and data leaks in these companies. Our objective, as the largest representative of the Digital Ecosystem, is to pass on knowledge so that everyone commits to good practices in technology and data management”, explains Vitor Magnani, President of MID, which brings together companies such as Mercado Livre, Loggi, OLX, Rappi, among others. others.
With the guide, the reader will have an immersion in the world of cybersecurity, walking through a large amount of information and tips that will help C-Level executives and other managers to understand the importance of the subject.
“Digital threats continue to increase exponentially in volume, speed and sophistication. With the advent of a growing number of people in the hybrid work model and with access to business applications from different locations, individuals and companies have a growing understanding of the importance of protecting their devices, identities, platforms, clouds and data. We have to be aware that cyber attacks cause serious damage to society, the economy, reputation and the operation of critical areas of different industries. In this sense, it is essential to disseminate knowledge, providing more information on this topic with a focus on two major moments: 1. Supporting organizations in defining a cybersecurity strategy and 2. Empowering people so that they are prepared”, explains Vanessa Pádua, Director of Cybersecurity Latin America & Caribbean at Microsoft.
Divided into chapters and themes, the document addresses the digital security scenario using numbers and updated data. In addition, the material covers a variety of important topics, including the importance of raising awareness among CEOs, how to build a cyber crisis management model and data usage within companies, how to monitor attacks, LGPD, among other topics.
“Cybersecurity is an incipient topic in Brazil. Here, we still don’t have many trained professionals for this task and few suppliers to help companies in this permanent work of guaranteeing data security. Therefore, we are bringing together the best initiatives and people to lead this agenda in the country. We are going to create the largest group of people and companies dedicated to the subject”, adds Magnani.
“Information security is a strategic issue that requires constant updating and must be monitored by senior management and company boards. Therefore, some frameworks information security are regularly updated”, comments Patricia Peck, founding partner of Peck Advogados. The executive points out that companies must create an information security program evaluating the main frameworks market and comparing the controls that best meet your business needs.
Among the models of information security and cybersecurity management structures already available on the market that Patricia indicates are: the technical standards of ABNT NBR ISO/IEC 27.001, the CIS Controls model that brings a set of cybernetic security controls and the Security model NIST (National Institute of Standards and Technology) Cybernetics which provides a set of cybersecurity practices, guidelines, and standards for companies of all sizes and industries looking to begin or enhance their cybersecurity program.
As for specific applications or operations, Patricia recommends following rules such as PCI DSS, which brings security requirements for companies that process credit card data as well as the. Cloud Controls Matrix from the Cloud Security Alliance presents a set of cybersecurity controls for cloud environments.
According to Carla do Couto Hellu Battilana, partner in the Cybersecurity & Data Privacy area at TozziniFreire Advogados, in the event of a security incident, it is necessary for those responsible to verify the nature of the incident, the data involved and the company’s line of business. to identify if any law or resolution applies to the case, in addition to the LGPD.
“In the event of a security incident, the assessment of various aspects is essential so that companies can verify, in addition to the necessary remedial measures, what their obligations are to authorities and data subjects, which may include reporting obligations and notification. For this reason, an adequate response plan is fundamental”, says Carla.
The Cybersecurity Guide is available in digital format. For more information access:
About the Digital Innovation Movement (MID):
The Digital Innovation Movement (MID) is an entity that brings together the largest digital platforms in the country in the segments of marketplaces, e-commerces, healthtechs, digital banks, fintechs, means of payment, investors and others. The MID emerged to represent and address collective interests related to the digital ecosystem with the Government, educational institutions and civil society.
To this end, it encourages public and private actions that contribute to the development of digital transformation, competitiveness and sustainability in Brazil. Currently, Movimento brings together more than 150 companies, such as Mercado Livre, Quinto Andar, Loft, 99, GetNinjas, PayPal, Loggi, Movile, C6 Bank, Facily, Rappi, Tembici, OLX, WorldPay, Hotmart, Dr.consulta, Teladoc, Maida.Health, Adiq, PaySmart, Banco Inter, Grupo Mosaico, Leroy Merlin, BanQi, Whirpool, Banco Carrefour, Monetizze, Sodexo, TecBan, Edenred, among others.
For more information, visit the website and follow MID on social media: LinkedIn, Instagram and Facebook. Check out MID’s proposals for service providers and apps on Youtube.
Information for the press:
Sing Communication
Gustavo Fritz, Luiz Valloto, Janaína Leme and Vânia Gracio.
[email protected]
