Artificial Intelligence: An Emerging Ally and Risk
Erik Moreno, Cybersecurity Director at Minsait, a subsidiary of Grupo Indra Mexico, highlighted the growing impact of artificial intelligence (AI) on digital transformation during a webinar titled “The Banking Sector Facing Digital Security Challenges.” Moreno emphasized that while AI enhances business operations, improves efficiency, and brings companies closer to their customers, it also introduces significant cybersecurity risks. He stressed the need for stronger protection controls, anticipation of new attack vectors, and more agile and sophisticated mitigation strategies.
Moreno also pointed out the persistence of advanced threats and the evolution of malicious actors. He noted that attackers are now organized, professionalized, share tools, and operate in networks, requiring defenses to evolve through collaboration.
Collective Awareness: The Shared Responsibility
Moreno emphasized that cybersecurity should not solely rely on technology or system directors; it must be a shared responsibility involving employees, vendors, end-users, and authorities. He identified the challenge of user culture, particularly in the financial sector where technical knowledge gaps facilitate successful phishing, fraud, and social engineering attacks. Moreno advocated for continuous awareness campaigns targeting both executives and operators.
The Evolving Role of the CISO: From Technician to Strategic Partner
Moreno highlighted the changing role of the Chief Information Security Officer (CISO). Today’s cybersecurity director must be a strategic business interlocutor, capable of translating technological risks into financial impacts, articulating a resilience strategy, and anticipating how security can drive growth. He stressed that CISOs must understand new technologies and their organization’s business objectives, as protection alone is no longer sufficient; contributing to business development is now essential.
Cybersecurity: An Investment, Not an Expense
Moreno underscored the urgency of shifting from viewing cybersecurity as an expense to recognizing it as an investment in operational continuity. Failing to invest in cybersecurity can lead to service disruptions, loss of customers, regulatory penalties, and irreparable reputational damage. He emphasized that cybersecurity should be viewed as a competitive advantage.
Looking Ahead: The Future of Cybersecurity
Moreno expressed his desire to reduce the specialized talent gap, but acknowledged a more realistic outlook of an increasingly complex environment. He noted that digital transformation and AI are expanding the attack surface, necessitating 360-degree strategies that combine technology, talent, and culture to address upcoming challenges.
Moreno concluded that in a constant threat landscape, cybersecurity must be integrated into business design rather than treated as an afterthought. His message was clear: “Resilience is not an option—it’s a necessity.”
Key Questions and Answers
- What are the main challenges in cybersecurity for 2025? Advanced threats, evolving malicious actors, and the double-edged sword of artificial intelligence require enhanced protection strategies, collaboration, and a culture of prevention, resilience, and awareness.
- Why is AI both an ally and a risk in cybersecurity? AI can improve business operations and customer relationships, but it also introduces significant cybersecurity risks that need to be managed through stronger protection controls and agile mitigation strategies.
- What is the new role of the CISO? The CISO must be a strategic business partner who understands new technologies and their organization’s objectives, contributing to business growth rather than just protecting it.
- Why should cybersecurity be considered an investment, not an expense? Failing to invest in cybersecurity can lead to service disruptions, loss of customers, regulatory penalties, and irreparable reputational damage. Viewing cybersecurity as a competitive advantage is crucial for business continuity.
- What does the future hold for cybersecurity? As digital transformation and AI expand the attack surface, organizations need comprehensive 360-degree strategies combining technology, talent, and culture to address upcoming challenges.
