EVENT: PROXIMUS CYBER SECURITY CONVENTION
Cyberattack for sale online

There is no such thing as 100% security. IT protection is basically a matter of risk management. But how do companies manage to keep the risk as small as possible? It’s an exercise that starts with introspection. Insight into your own strengths and weaknesses is the starting point for an effective security policy. The focus of your efforts shifts, therefore, from prevention to detection.
The good attendance at the annual Proximus Cybersecurity Convention shows that the business world remains alert. And so it should. Over the past year, cybercrime has hit the headlines regularly, including Belgian victims of ransomware. At the same time, the GDPR (General Data Protection Regulation) will be coming into force shortly. “A company that deals deliberately with IT security focuses first and foremost on visibility,” says Christophe Crous, Head of Security Solutions at Proximus. “Companies need to know what is happening on their infrastructure, where the data are, who has access to which applications, etc.” Only when they have a clear idea of the reality of their own situation can businesses organize their IT security properly. “Insight into their own vulnerability is the starting-point here,” says Proximus CISO Fabrice Clément.
And this security is absolutely vital. The past few years have again seen further instances of contamination with ransomware and cyberattacks. New technology – such as machine learning – helps not only companies, but also cybercriminals to make progress. What is more, a great deal of malware has now evolved to become a pure commodity and cyberattacks are on sale on the internet as a service. “Of course, to start with you have to stay alert yourself,” says Dries Watteyne, head of Customer Security Intelligence at SWIFT, the company that supports the exchange of information between financial institutions. “We keep a close eye on the networks and are constantly on the lookout for possible risks. But it is just as important to form a community with other companies and to share information about cybercrime within this community and with security providers and government services.”
From protection to detection

One striking development is that companies are putting more effort into detecting attacks, rather than simply introducing measures designed to keep cybercriminals out. “This exercise is not always easy to justify,” says Laurent Bounameau, CISO at the Federal Police. “But it is absolutely essential. At the same time, you can’t monitor everything to the same level and you have to make choices about access control and data classification. We are very pragmatic about this.” After the takeover by Lufthansa, Brussels Airlines now has to fit into a new, broader context. “In the past, companies tended to be somewhat negative about keeping logs, because it placed too heavy a burden on the systems,” says Jean-François Simons, CISO at Brussels Airlines. “Today there is more demand for logs. If it helps the company provide targeted reports for the senior management then, of course, the investment involved can be justified.” Jean-François Simons hits the nail on the head here. When drawing up a security policy, the main thing is to work with the right information. “That’s the only way you can take the right decisions,” says Bob Ruts, CTO at Davinsi Labs, the Belgian specialist in cybersecurity that has been part of the Proximus Group since April. “Security intelligence enables you to take specific action to reduce the risks. Without insight you are nowhere. At the same time, you have to approach security as a program and not as a precisely defined project. Security is a journey without end.”

Read more about the Cyber Security Convention at proximus.be/cybersecurityconvention
Business magazine for IT professionals