Interview with Francisco J. Cesteros

Email interview held on 12th September 2017 – as follows between Alan Radley (questioner) and Francisco J. Cesteros (relator):

1.       What are your thoughts on the current state of cybersecurity, both for organizations and for consumers?

For consumers, cybersecurity is a simply word far from the knowledge and the security plan that we must walk through in our homes, with our family and on a daily basis of life. Just a simply word that you listen but you never think it will happen to you because you are not a person of interest. In that sense, we have a long work to do and teach the people how their life are affected and can be impacted by incidences so they can understand the relevance of having safety awareness and implement at home, with the children, in their home PC and of course managing on line transactions and social networking.

For organizations there are much more safety awareness but the budget to security is less than expected. Organizations try to update systems and update software but sometimes upgrading a release may require upgrading the hardware and upgrade applications and it means a lot of hidden costs (hardware, hours of programming, libraries and impact, study the risk and the impact of the upgrade, hours/technician, etc.)

Based on these situations, not all the systems, servers, storage, firmware and software can be updated so the reality is that organizations try to survive, save as much as possible, much absolutely impossible, for many reasons, to secure the whole IT operational system, from desktop to servers, including storage, firmware, routers, firewalls, licenses of everything.

So, two different environments, one with awareness but not enough budget and the other withour awareness and no budget at all.

Log run to go, big opportunity to hackers, big holes and not enough money for security at all.

2.       What – in your estimation – are the reasons behind the many computer security breaches/failures that we see today?

As explained before, breaches occur when system are not updated and sometimes because of zero-day holes.

Zero-day holes mean immediately working on fixing but the holes are there and hackers discover them and are part of their work.

Updates come when the breaches are discover and coming back to my explanation, updates requires just a fix without anything more than the fix of the manufacturer and other times fixing the security hole means firmware upgrade or system upgrade and such cases the cost is high and perhaps upgrading means move to another version of the operating system, other system libraries and the whole pack means to ensure the operational application, and here is where the problems appear. IF the technician discover that fixing a hole require a several upgrade of the system as a pack and it impacts on the application, the upgrade need to be schedule, hour/technician need to be budgeting and it takes a lot of time where the system still has breaches.

The cost of security is very high, involves systems, servers, storage, routers, firewalls, IPS, licenses and hour/technician so the organization need to prepare a special budget as far as breaches arrive and it happens continuously.

Here is the difficulty of having everything fixed, the relevance of guarantee that fixing holes there is no impact on the final application and users behind the IT system corporation.

3.       Where do you go to find your “science” of cybersecurity?

The knowledge of holes/breaches and cybersecurity is coming from private organizations (manufacturers of hardware and software) and public organizations (universities, ministries and security forces that are continuously studying and testing).

If you want to study, select a good university and a good program, other way you lose your money because there is a lot of online education without touching the systems, and it really doesn´t work. No touch of systems means no reality and knowledge of what is behind the IT operations.

People like to say “I am a cybersecurity analyst” and the reality is that read a lot of reports, see a lot of powerpoint presentations, copy/paste a lot of words but never touch the keyboard of the IT UNIX, LINUX or WINDOWS servers, for example, never study IT and never in front of a technical issue.

Cybersecurity is much more than powerpoint and much more than a report, it means a lot of knowledge for everything and a lot of certified people investigating, programming, and testing in labs.

Go to the sources, manufacturers, study professionals courses, pass your exams and be ready to be a specialist in something, you will never know everything of each system/storage/firewall(apllications….etc.

4.       Do you recommend a particular cybersecurity blog that our readers could follow?

What I usually recommend is to be aware about manufacturers news, blogs, updates and labs. OF course adding to manufacturers all other sites coming for public institutions that are involved in cybersecurity, in Spain we have CCN and INCIBE as the primary one, but behind those there are a lot of private companies supporting them, the investigation, the testing and the security reports.

In Spain and in general, in the world, there are Associations of white hackers, Events of white hackers and webs where you can technically go to learn and share.

Universities are working on specific technical programs and organizing events too.

Just go to the sources (private manufacturers) and public organizations, then move to professional education where practicing is a must and not just only online education.

5.       What keeps you up at night in the context of the cyber environment that the world finds itself in?

Really nothing, I sleep well and trust on the people that are having the technical resources to move on. I study everyday by getting into webs and safety news, blogs, events and updating myself for be able to manage the security in advance and be prepare when something happen.

Be aware, update and manage with a deep knowledge that security and national defense is part of my life so I have to be alerted and be able to defend in front of majors any budget, any update and any movement n advance, risk prevention and fraud prevention.

Knowledge of security and knowledge of impact is the best way to start implementing methodologies and processes of updating and negotiate with the Board of Directors.

Investing in security is investing in talent, human resources, commercial margin, value to society, family´s job, employees and much more. Investing in security is investing in the business, corporate social responsibility and value for the customer and the employee.


Thank you kindly Francisco J. Cesteros for taking the time out of what must be a busy schedule to answer our questions in such a comprehensive manner.

Interviewee: Francisco J. Cesteros,

ICAI Engineer; Investigator; International Executive MBA; Master Security&Defense

Francisco J. Cesteros – Biography

A) What do I offer? With more than 30 years in businesses and international projects I offer my knowledge, experience and academic qualification:

– Sales & Business Operations Management
– Private Investigation Services
– Graphology and other Pericial Reports
– Training, Seminars, Consulting for Companies and Universities
– Methodology for Intelligence analysis and implementation
– Secure & Encripted mobile communications for Executive Committees
– Microexpressions and Lie Detection methodology. Certified instructor by Dr. Paul Ekman

B) What values do I add? Experience, knowledge, methodology, operational skills and customer focus by leading international projects and team working.

Contact Francisco on his Linkedin here.