Aiert Azueta Dudagoitia, BeClever: "technological innovation should not be linked to the size of the organization"
Despite the many examples of companies being attacked by cybercriminals, businesses, especially small ones, are still not willing to prioritize cybersecurity and innovation.
The volume of cyberthreats is only increasing, causing companies to collapse. Whether it's stolen sensitive data or financial theft, the damage can be hard to mend.
Of course, there are such solutions as password managers or virtual private networks (VPNs) that help secure individuals from cyberattacks. However, organizations should implement more advanced measures, such as identity & access management.
For this reason, we invited Aiert Azueta Dudagoitia, the CEO of BeClever – a Spain-based IT services company focused on Digital Transformation and with extensive experience in providing disruptive cybersecurity services and solutions. Dudagoitia agreed to share his views on the best threat prevention methods, cybersecurity, and other IT solutions.
How did BeClever originate? What has the journey been like since your launch in 2011?
The firm was founded in 2011 by a small group of young entrepreneurs, with a very clear mission: "To deliver innovative and valuable technology solutions that enable our clients to meet their business objectives and address key technology challenges.”
During the first years, one of our main focuses was to provide professional services for an American multinational. We were providing European-wide services related to application performance analysis and database replication projects. The idea was: "why don't we try to replicate this at home?" So, we decided to start BeClever Solutions in 2011. Our aim was to offer our customers innovative solutions and services that would enable them to do things more efficiently. Now, we have managed to position ourselves at the forefront of the industry and become an international benchmark. And our range of services has evolved in the same way with a clear objective: to anticipate our customers' needs. Focused on Digital Transformation, we have three core areas that cover our clients’ main technological needs: Cybersecurity services, Infrastructure & Data, and Applications, providing highly specialized services through the use of a wide range of cutting-edge technological solutions and working closely with our partners.
One of the company's main bets was made in 2015, when we started our specialization in Digital Identity Security. Another example can also be found in 2019, when we added Process Automation services using bots (RPA). Both are solutions and technologies that, at this time, were completely new to the market and would set the trends for years to come.
Our commitment to technical specialization and customer focus defines who we are.
Can you tell us a little bit about what you do? What are the main challenges you help navigate?
Companies are in the process of transforming to meet the challenges ahead, save costs, and become more efficient and secure. Offering innovative services with a high degree of specialization that accompany our clients in their digital transformation process is part of BeClever's DNA. We are constantly evolving in order to anticipate the needs of our customers in three main areas:
- Cybersecurity. We help organizations complement traditional security measures with state-of-the-art ones; Identity-based Security is key to minimize the attack surface, and therefore, risk. Specializing in IAM, BeClever encompasses full services around AM, CIAM, PAM, and IGA. The objective is to maximize user experience and improve security by guaranteeing that the right people have the right access to the right resources at the right time (our least privilege approach will make sure anybody has only needed permissions to carry out their work, thus minimizing the attack vector in the event of security breaches).
- Infrastructure and data. We leverage innovative technology to ensure application performance, user productivity, and seamless coexistence in a Hybrid infrastructure, while easing the transition to the cloud. We help companies define the most appropriate strategy based on their needs, accompanying them on their journey to the cloud where appropriate and running an efficient operation of their hybrid infrastructure.
- Applications. Specialized in automation of non-value-added manual processes using software robots and improving customer and corporate training and enablement leveraging end-to-end eLearning technology capabilities.
Do you think businesses of all sizes should invest in IT solutions tailored specifically for them or is this practice only relevant for large enterprises?
Technological innovation should not be linked to the size of the organization. Just as size does not define the real capacity of a company.
What is clear is that in a world as competitive and internationalized as the one we live in, the companies that prosper are those that are most willing to innovate. And there is no doubt that innovation is closely linked to technology.
Businesses of all sizes must invest in IT solutions tailored to their specific needs as a key driver of economic growth.
The technology market as a whole is advancing at an unstoppable pace, incorporating new techniques to maximize the security and productivity of organizations. And businesses need to ensure that they make the most of this.
We can find an example in RPA technologies. By incorporating Robotic Process Automation, it is possible to automate the process of accounting and payment of invoices, thus reducing the time required to process invoices. It facilitates the identification of the expense in time, gives greater control in the process of accepting and releasing expenditure for payment, and also in cash management. And it is only an example of what technology could do for any organization of any size.
This example applies to companies of all industries and sizes. Only with automation can we take advantage of the benefits and speed to market digitalization.
What was it like providing IT services during the pandemic? Were there any new challenges you had to adapt to?
Cybersecurity is a booming industry. This is a fact that was proven during the pandemic. The global crisis caused by the Coronavirus has completely changed CIO priorities and associated budgets.
The pandemic drove the need for organizations to offer remote connections to their workers who, overnight, needed to turn their homes into their offices, and to do so securely. This means incorporating technology initiatives to guarantee secure access to corporate applications while providing an appropriate user experience.
Consequently, both vendors and service providers had to change at the same speed to support these needs: telework, cloud, hybrid environments, advanced security, and more. And these are precisely some of BeClever's core specialties.
This situation, in a way, only reinforced BeClever's clear commitment to identity-centric security solutions (IAM), and the definitive push for the journey to the cloud.
In your opinion, what misconceptions surrounding cybersecurity are the most prevalent today?
“Cybersecurity is only for big businesses” and "What cybercriminal is going to waste time stealing my data if it's not important?"
These are some of the arguments used by small businesses that are unaware that any system is susceptible to attack, either to steal data or simply as a way to direct more sophisticated or massive attacks using the SME's information or infrastructure as a mere intermediary.
Too many organizations still believe that there is little chance of a cyberattack and therefore, do not spend resources on protection. They may also believe that protection is too costly to invest in. However, the costs of remediating an attack are always much higher.
“Cybersecurity only protects us from cybercriminals.”
A proper IT security policy is particularly useful for protecting our valuable data against ransomware attacks. But what is not known is that when it comes to data breaches, one of the biggest and most underestimated risks and causes is the insider threat, intentional or not.
Each set of user credentials represents a pathway to an organization's critical systems, and they pose a risk due to many circumstances. They are at risk of being lost, stolen, or shared with others, among others. Users may be subject to phishing or social engineering. Or they may leave passwords exposed or store sensitive information unencrypted in cloud-based applications. Undoubtedly, a zero-trust, identity-centric approach to security is needed.
In BeClever, we are specialized in IAM, (Identity & Access Management), covering the full scope with services around AM, CIAM, PAM, or IGA, and highly technical capabilities.
What would you consider the biggest challenges that companies run into on their digital transformation journey?
Despite the fact that the majority of organizations are aware of the high positive impact that digital transformation brings and means in terms of business, the reality is that most of these companies have some barriers they have to face before starting the journey toward Digital Transformation.
- Align business and people. Human nature likes routine, it makes us feel comfortable. We define it as the "comfort zone." When change comes to the organization, some people may feel uncomfortable with it or interpret it as a threat. However, it is vital for the survival of the company to keep up with the times, changes mean progress and future, while not changing is much riskier. Digital Transformation is closely linked to the achievement of business goals.
- Support of the leaders. For any change to be successful, every company needs the support and commitment of top management. Unfortunately, even in many organizations, actual management support for digital transformation initiatives is still insufficient. It should be borne in mind that transformation initiatives often emerge in the middle of organizations and need the support and involvement of the executive areas in order to engage all employees and achieve success.
Although there are plenty of security solutions and providers available on the market, certain companies and individuals still fail to upgrade their cybersecurity. Why do you think that is the case?
In my opinion, companies are making major progress in adopting technology by incorporating cybersecurity measures to secure their present and, indeed, as the only way to “have a future.”
The technology market as a whole is advancing at an unstoppable pace, incorporating new techniques to maximize the security and productivity of organizations.
The pandemic and the emergence of mass teleworking have consolidated the reliance on digital and hyper-connected infrastructures, which in turn has increased the playing field for threat actors. As a result, all CIOs will have a common set of technology priorities. They must ensure they have the technical foundations to grow and scale quickly while dealing with the new reality of hybrid working.
So, while there is still a long way to go, I believe the right steps are being taken.
What security measures do you think are essential not only for organizations but also for casual Internet users?
All organizations face the enormous challenge of securely managing the digital identity of the organization and its employees. Digital identity is the collection of information available about a person or organization online.
This includes usernames, personal data, medical history, Internet behavior (searches, purchases, etc.), and a long etcetera, which combined, form our profile or Digital Identity. Digital Identity could therefore be understood as the electronic equivalent of the real identity.
Identity is what makes it possible to identify the ownership and trust of an organization, enabling transactions of goods, funds, people, and any other resources. Without this authentication process, organizations would not be able to perform any of the above-mentioned operations.
In the personal area, a digital identity is the Internet version of a person's physical identity.
Digital identity protection is therefore key in both the business and personal worlds and must be a priority.
What does the future hold for BeClever?
If there is something that characterizes BeClever since its foundation and that we carry in our DNA, it is the incessant search for new services and solutions that add real value to customers.
BeClever will continue to be a benchmark in the securitization of the digital identity of companies, seeking new services and solutions that help our clients advance in their digital transformation processes, accompanying them in the improvement of business processes so that we can help companies be more secure and efficient while meeting their business goals.
As IAM experts, we will increasingly participate in our clients' security initiatives, offering our vision from a digital identity security point of view, helping executives from any business area to understand what the existing risks are and how we can improve their most critical processes.
Increasingly, more effective integration between technology, security, and business processes is essential. At BeClever, we will be not only a support for our clients' technical and security teams, but we will also accompany business leaders in improving their business processes, understanding and responding to the different business needs from our IAM approach. And we will be able to harness all the resources at our disposal to improve our customers' IAM programs. Data analytics shows us how IAM will be invaluable in improving critical processes such as digitalization, AI, or RPA initiatives.
BeClever will be a global leader in the securitization of the most critical assets of companies while driving business objectives.