The diversity of experience in GMST positions it as a valuable resource for knowledge about cybersecurity in the Latin American and Caribbean market, as well as having a global perspective and local context.
“Typically, most security outfits evolve from a pure technology or security origination,” says Martinez. “Our close to 50-year history, which in itself is a milestone outside of the IBMs and HPs of the world, is a key element to our leadership in the security space.”
Latin America is still evolving in the cybersecurity area, according to Martinez, with regards to its understanding of the threat landscape. “We have seen a number of sophisticated attacks emanating from our geography to the world and within the different countries in Latin America.”
The Organization of American States published the “State of Cybersecurity in the Banking Sector in Latin America and the Caribbean” in 2018. Among its significant findings are:
- at least 9 out of 10 banking entities suffered cyber incidents during the last year.
- 37 percent of the banks in the region were victims of successful attacks.
- 39 percent of the incidents were not reported.
- 19 percent of the largest banking entities did not report cyber incidents.
“The report also shows that the majority of the countries count with no coordinated capabilities to fully respond to cyber threats, meaning that their vulnerability to cyberattacks in any sector is high,” says Martinez. “If we take into account that the financial sector is a key environment for a functioning country, having a weakness in cybersecurity should not be a low priority national interest.”
The current information on cybersecurity breaches clearly reflects an increasing trend such as a recent attack to Banxico, the central bank in Mexico. 836 accounts in 10 different institutions were compromised, resulting in a loss of 300 million Mexican pesos ($16 million U.S.D.). And Banco de Chile lost $10 million U.S.D., due to a cyberattack. Money is not the only spoil from cybercrime, as Banco Inter, a Brazilian bank, fell 11 percent in market shares when it was reported that a hacker stole sensitive information.
One of the challenges of the region is a lack of coordination among government, academia, and business surrounding cybersecurity. GM Security Technologies is at the forefront of helping to resolve this problem, as a member of the Forum of Incident Response and Security Teams (FIRST) – a consortium that enables incident response teams to more effectively respond to security incidents by providing access to best practices, tools, and trusted communication with member teams.
Through Martinez’s commitment to moving the needle forward, GMST is the go-to service provider for any organization — public or private — that wants to secure its technology stack through a combination of people, technology, and processes.
GMST has become the largest Payment Card Industry Security services and fraud prevention company in Latin America through its recent acquisition of 1st Secure IT — a Florida based information cybersecurity firm.
“We’re laser-focused on payment security,” says Martinez. “Our goal is to create awareness and hardening at payment companies, financial services, and merchants who process, transmit or store payment card information.”
The Payment Card Industry Security Standards Council (PCI-SSC) was created in 2005 and endorsed by the five major payment card brands, with the goal of helping merchants and financial institutions understand and implement standards for security policies, technologies, and ongoing processes that protect their payment systems from breaches and theft of cardholder data, according to the website.
Out of this work, the PCI Data Security Standards (PCI-DSS) were developed as a common language and benchmark for all companies to follow, while securing their payment processing. GMST is a certified PCI-SSC Qualified Security Assessor, which means it plays a vital role in ensuring that merchants meet the highest level of security as set down by the council.
“GM Security Technologies truly believes that the most efficient way to improve overall security posture across payment systems is to continue evangelizing the importance of PCI-DSS compliance and mentoring merchants through processors, issuers and acquirers,” says Martinez.
Another key product is GMST Security Analytics — a proprietary SIEM service that evolves according to a specific customer’s needs; works in the cloud, on-premise, or hybrid environments; and provides around the clock threat monitoring. Through affordability, simplification, speed, and versatility, GMST Security Analytics is far above the average SIEM service. And the kicker here is the software is PCI-enabled, meaning that it meets the PCI-DSS and allows for agile PCI Compliance on control 10.
GMST is shaking up the cybersecurity market for the good. Still, Martinez calls for more engagement and improvement.
“Unfortunately, security is always seen as a necessary evil,” says Martinez. “We still see action taken post breaches rather than proactively. Through education on all fronts, this pivot can happen effectively and safely.”
GMST is listed in the Cybersecurity 500 – a compilation of the premier companies innovating in the cybersecurity market globally. With its 2019-2020 edition, Cybersecurity Ventures is releasing a new poster that highlights all the honorees. Any large enterprise Latin American CISO who wants a copy should contact GM Security Technologies.
– Steven T. Kroll is a public relations specialist and staff writer at Cybercrime Magazine.