Strong online: our Cybersecurity Team

Jan 16, 2024 | News | 3 comments

Tags: ALMA

As an observatory we have gone through several obstacles, but the cyberattack we suffered on October 29, 2022 was an experience we do not want to relive. That intrusion affected our daily operations and communications for months, and required monumental work to recover in 2023.

This led to the need for a radical change in our information systems security, which led to the creation of an internal group of specialists focused on cybersecurity: the CyberSecurity Advisory Team (CySAT). This team’s mission is to assist in the detection of security events, risk assessment, and to support the JAO’s cybersecurity policies and transversal processes. As part of that effort, since October, we have added new staff members to the ALMA Department of Computing (ADC), focusing both on our daily operations, as well as on cybersecurity tasks and projects, for which this new advisory committee is responsible.

Ricardo Carrasco arrived in October to fill the position of Cybersecurity Engineer. Since then, “It has been a very good experience. I have felt well received, and I have been able to notice the level and quality of the work that my colleagues are doing, which makes me very happy and motivated”, he says.

Together with the CySAT team, Ricardo is working on the 2024 cybersecurity plan, including the capabilities that will enable us to detect and respond effectively to cyberattacks and recover, if necessary. They are also focused on adopting a framework of best practice guidelines -called TrustedCI-, that will facilitate security in our operations. “It’s a great path that I’m excited to start, and I hope to be able to contribute a lot to these issues,” he adds.

It has undoubtedly been a contribution, since, with Ricardo’s arrival, the rest of the Advisory Committee members have been able to focus on more strategic tasks, while allocating 20% of their time to this expert team.
“It is vital for the staff to maintain awareness that cybersecurity is an issue that always has to be present,” says Jorge Avarias, our Senior Software Engineer, and CySAT member.

“Without cybersecurity, the observatory cannot function securely, so both issues, operations and cybersecurity, are at the same level of importance,” Jorge elaborates.

José Lobos, who is part of the group of administrators and IT specialists, and who participates periodically in CySAT, is also grateful for the arrival of new reinforcements: “They have been a contribution to the group, incorporating their knowledge and the vision that is needed to improve our systems and above all security,” he says.

After the cyber-attack, he sees that among the staff, “there has been a change, and it is the awareness that this happens and it is a daily occurrence. Unfortunately, we are facing criminal activity that does not stop. This is very dynamic, and we cannot let our guard down,” says José.

Felipe León, our Technical Dataflow Engineer and fourth CySAT member, agrees about this cultural change within the JAO: “The main change is that people already know that something has happened, which makes them more cautious. They now ask before clicking and report problems”.

Even so, he insists it is a constant work: “Security is super volatile, what you did today doesn’t make much sense tomorrow. Security is alive: it is born, it is constantly being revised and has to evolve. We could say that it requires continuous improvement. It is an endless cycle,” Felipe concludes.

IF YOU ENJOYED THIS NEWSLETTER, GIVE IT A “LIKE” AND COMMENT!

3 Comments

  1. Martin Diaz
    Martin Diaz on January 18, 2024 at 11:36 am

    Tremendo grupo de trabajo!!! Estamos en buenas manos!!

    Reply
  2. cristobal agermann
    cristobal agermann on January 18, 2024 at 12:18 pm

    Excelente equipo, Excelentes nuevos miembros…. Gracias por el gran trabajo!

    Reply
  3. Juande Santander-Vela
    Juande Santander-Vela on January 18, 2024 at 2:23 pm

    Thanks for helping us avoid or at least mitigate the severe consequences of a cyberattack!

    Reply

Leave a Reply to Martin Diaz Cancel reply

Your email address will not be published. Required fields are marked *

Related Post