We’ve expanded our team with cybersecurity specialists

We’re excited to announce the recent addition of a new team specializing in security consulting, marking a significant strategic step for us. The inclusion of these new experts strengthens our value proposition, which incorporates security into the design of the technological solutions we offer. This move bolsters the safety and efficiency of our clients' and partners’ digital transformation efforts.

This new unit will focus on expanding our Governance, Risk, and Compliance (GRC) area, enabling us to help organizations align their technological processes with business goals and regulatory compliance requirements—crucial in today’s digital landscape.

The team is made up of highly qualified professionals with extensive experience in key areas such as information security, technology, data protection, and regulatory compliance. Collectively, they bring decades of experience from top multinational companies like Prisa Group, Orange, and Telefónica, having held roles ranging from technical consultancy to project and team management.

Our new team members excel in:

• Technical consulting and Governance, Risk, and Compliance (GRC)

• Security process analysis, development, implementation, and auditing

• Risk management and information security projects

• Auditing and implementation of protection systems

• Developing comprehensive security plans

• Compliance with certifications like ISO 27001/27002 and PCI DSS

• vCISO services

This combination of skills and expertise allows us to offer a holistic approach to information security, covering everything from technical aspects to strategic and compliance-related areas.

To strengthen its focus on cybersecurity, SNGULAR has brought on Javier Mitxelena as the company’s new advisor on the subject. Mitxelena is a leading authority on cybersecurity in Spain, with an extensive career in the tech industry. He currently serves as the President of Cybasque (Basque Cybersecurity Cluster) and is the founder and CEO of Cybertix Simulation Technologies, S.L. Additionally, he has recently joined the board of AEI Cybersecurity as President, and he is a member of the Advisory Council for Ironchip and DocExploit, as well as the National Security Forum.

The Other Side of Digitalization

In today’s digital landscape, information security has become a cornerstone for protecting digital assets and ensuring business continuity. The growing sophistication of digital threats, along with the rapid digitalization of businesses, has elevated information security from a technical concern to a strategic priority at the executive level.

One of the most notable trends is the advanced use of Artificial Intelligence (AI) and Machine Learning for both defense and offense. While organizations leverage these technologies to enhance threat detection and response, attackers are also using them to create more sophisticated and harder-to-detect threats. This has sparked a technological arms race in the realm of digital security.

Other significant trends include the rising importance of cloud security, IoT environments, and the adoption of 'Zero Trust' security architectures. Additionally, the implementation of the NIS2 directive in Europe is pushing many organizations to significantly enhance their digital security practices.

Today’s Threats

The digital threat landscape is constantly evolving. While common threats such as ransomware and phishing remain major concerns, our new cybersecurity team has identified two additional areas that pose significant vulnerabilities for organizations.

Ransomware continues to be a persistent threat, with increasingly sophisticated attacks that can cripple business operations. Meanwhile, phishing tactics have evolved, using more refined social engineering techniques aimed at deceiving even the most cautious users.

Beyond these well-known threats, poor security governance has emerged as a critical risk, along with the lack of a structured, methodical approach to implementing information security processes. The absence of well-defined security programs creates gaps in the protection of critical digital assets.

Equally, concerning is the lack of employee awareness. The human factor remains the weakest link in the security chain. However, with proper training, employees can become the first line of defense against digital threats.

The New European Cybersecurity Directive

The implementation of the NIS2 directive in Europe is driving many organizations to significantly improve their digital security practices.