Menu Close

Interview with Juan Carlos Castro Ortiz, expert on cybersecurity at Ayesa Advanced Technologies.

Interview with Juan Carlos Castro Ortiz, expert on cybersecurity at Ayesa Advanced Technologies.

  • Juan Carlos, what is your background related to the cybersecurity area?

I have some strong work experience in the cybersecurity field.  I worked for several years as a consultant/auditor in the best cybersecurity companies of Europe, providing services for the most companies of the stock exchange.  That helped me growing confidence and leading my company area. 

In Ayesa, we provide services in many different areas such as Application security testing, security infrastructure, security information, threat intelligence and , social listening and cyberacademy, among others.

To complement my experience and keep researching and developing my skills, I am currently finishing a PhD in cybersecurity for Smart Cities.


  • How the cybersecurity knowledge and relevance has been increasing along your professional career?

On one hand, working with the best professionals in the sector and learning methodologies that let me increase my knowledge and good cybersecurity practices.

On the other hand, having a lot of restlessness and curiosity. It is the best way to be updated and open to learn new technologies and cybersecurity techniques.


  • Why do you see this project relevant to your company?

Because it increases the visibility of your research, enhance your reputation  and  help  your  efforts  gain  understanding  and support (also financially), by presenting your work and its results not only to the scientific community, but also to potential industrial partners, policymakers and society at large.


  • Can you tell us about the risks of NOT including the cybersecurity layer into the grid?

Organizations are becoming more vulnerable to cyber threats due to the increasing reliance on computers, networks, programs, social media and data globally. Data breaches, a common cyber attack, have massive negative business impact and often arise from insufficiently protected data.

A risk is the occurrence probability per impact, and if we don’t mitigate the risk in a critical infrastructure as SDN-microSENSE project infrastructure, the significance on the continuity and integrity of the electricity supply could be affected with disastrous consequences.


  • What new challenges related to the cybersecurity area are you facing?

It is worth remembering that the strength of the cybersecurity chain is only equal to the strength of its weakest link. The main challenge for the next year is Facing up to the major sources of attack against electric industry, that basically comes from within three groups:

  • Its own stakeholders, via the game of industrial spying,
  • Cybercriminals at the origin of mass attacks (such as WannaCry),
  • Hostile States, through cyberwarfare.

Having said that, its highly recommended implementing the appropriate procedures from different security standards, in order to mitigate potential weaknesses associated