entrevista pablo juan mejía

“Realsec by Utimaco is a comprehensive and totally reliable partner in cybersecurity”

Interview with Pablo Juan Mejía, CEO of Realsec by Ultimaco

After the acquisition of Realsec by Utimaco. In practice, what does this alliance between cybersecurity companies mean?

As they say, union makes strength, and the alliance between these two technology companies linked to the cybersecurity sector has served to expand and diversify the portfolio in this field: HSM in the cloud, encryption solutions, PKI, digital signature, data protection, cybersecurity in IoT environments, post-quantum cryptography, etc. As a result of this merger, customers now have a comprehensive and totally reliable technological ally in cybersecurity.

In addition to strengthening our brand image worldwide, we have also supported the positioning of the Realsec brand in Spanish-speaking countries with the creation of Realsec by Utimaco.

In the specific case of Latin America, how is the company’s presence in the region articulated? What products and solutions does it offer in the Latin American market?

Since 2010, Realsec has had its own office in Mexico, which in February of this year was expanded and relocated, with larger facilities under the umbrella of Realsec and Utimaco brands, and with more staff, both technical and commercial.

At the same time, we have the support of a solid network of partners in the region, our own staff in Colombia in charge of the South American region, as well as Utimaco’s headquarters in the USA, which allows us to offer a broad cybersecurity offer to the entire Latin American market in the financial, government and global industry sectors.

Traditionally, Realsec’s offer has been based on cybersecurity, such as encryption and digital signature solutions, for the banking sector. Now, through Ultimaco, it is also emphasizing automotive cybersecurity. In this regard, what cyber risks do connected vehicles face today?

Indeed, although Realsec is strongly positioned in the security of methods of payment, one of the new scenarios where along with Utimaco we are currently focusing on is the securitization of data and communications of devices connected to the Internet of Things, with the protection of connected car data being a key axis in our strategy.

Connected cars have been around since the 1996 Cadillac DeVille, whose simple cellular connectivity allowed drivers to access roadside assistance. In the wake of this event, vehicles have greater connectivity, becoming Internet of Things (IoT) hubs with dozens of Internet-enabled components, ranging from diagnostic modules that most drivers don’t interact with to in-car WiFi and entertainment systems. As a result, these vehicles have additional functionality, but could allow third parties to compromise a vehicle’s systems and steal data, blackmail drivers or even gain control of a vehicle’s steering.

Although the connected car concept appeals to both users and manufacturers, threats to privacy and possible fraudulent access and use of user data (biometric, payment, etc.) are the two main concerns of connected car users, as reflected in a recent study by Utimaco on digital security.

What actions have you promoted at Utimaco to raise awareness about automotive cybersecurity?

Trends such as the connected car or Smart Cities (an example of this are the projects carried out in the city of Singapore) are a very important part of our current business and where we are constantly developing and launching pioneering and robust solutions for the security of these environments, which are susceptible to attacks due to the large amount of personal information they handle. We are already future-proofing these solutions against the threat posed by quantum computers by enabling crypto-agility with post quantum cryptography.

Another example of our commitment to security in the automotive industry has been the sponsorship of the Hansen Motorsport AB Rallycross team tour, to highlight not only the external security of the vehicle, but also in other aspects such as the protection of devices and data that minimize the risk of fraud.

Broadly speaking, could you explain what quantum computing is and how it could affect the safety of connected vehicles in the medium to long term?

While vehicles are increasingly connected, computer scientists and physicists are taking computing to a new level. Quantum computing uses the counter-intuitive effects of phenomena occurring at sub-atomic scales to vastly increase its power. Hypothetically, it could take even the fastest of conventional computers trillions of years to break the encryption on one of the digital signatures that secures digital files, while a quantum computer could do it within hours or even minutes.

Quantum computers are constrained by the number of ‘qubits’, or quantum bits. These are quantum versions of the bits (‘binary digits’) in traditional computers. The millions or billions of bits in the processor can be either zero or one depending on the voltage running through it. However, qubits can be in multiple states at once, enabling them to do far more with a small number of bits than a standard computer can with billions.

The security of a connected car is largely based on cryptography and the use of cryptographic keys to identify and authenticate individual components within the car and to protect data and the transmission of data. Since the lifetime of a car averages more than 10 years, cars that are designed today will have to withstand cyber threats that may become a reality several years from now, including the threat posed by quantum computers which will be able to break many of today’s crypto algorithms, thus jeopardizing the security of the connected car.

Utimaco has been researching and anticipating the advantages of post-quantum cryptography for data protection for many years, even betting on a simulator that can be accessed through this link.

Mexico is preparing for the use of PIN on line in methods of payment, how can Realsec help banks and Fintechs in this matter?

Banking takes another step towards secure digital transformation by allowing users to activate their card PIN online, instantly after receiving it, and in a more secure and direct way such as via SMS or app; avoiding calls to third parties, operations on devices, more likely to be intercepted and, therefore, to be victims of fraud.

With our HSMs, all the actors involved (banking, Fintech, acquirers and users) in this process of change, managing and updating PINs can be calm and secure because the generation and custody of cryptographic keys are safe from cybercriminals and therefore, their data is safe.

Finally, can you tell us what innovations are you preparing for 2023 for the Latin American market?

In the region we will continue working on our positioning of being the best technology and cybersecurity partner for different industries (automotive, energy, airports…) along with the financial sector, government and other critical infrastructures.

We will continue to expand and train our teams and partners to meet the demand and cybersecurity needs of any organization anywhere in the region.

No Comments

Post a Comment