Louis Koppes (UBM): There will always be opportunities to further automate the automation department.”
Why are events like Cybersec Netherlands important?
Coming together with the industry is crucial, as technology evolves faster than anything else. Every year, there are significant changes in the market. At Cybersec Netherlands, there are ample opportunities for sharing knowledge, for example, during the theatre sessions where we can explore threats in greater depth, and discover suitable solutions with each other.
Moreover, in a time when we primarily have contact with each other through phone calls or Teams, it’s crucial to maintain physical contact with each other as well. We want to meet people face-to-face, have coffee with them. Participating in such exhibitions, allows us to step away from daily routines and take a break from the office. There’s a shared enthusiasm for the cybersecurity market, and our team always gains a lot of energy from such exhibitions!
What are the most urgent threats in cybersecurity?
One of the most widely recognized threats is currently ransomware. Ransomware can be seen as an industry where a systematic plan is executed to infiltrate organizations. This makes organizations vulnerable. A challenge stems from the fact that the attacker has a toolbox, possibly with Artificial Intelligence, which is evolving at the same rate as those of defenders. Therefore, there’s an ongoing battle on the machine-to-machine level which makes it hard for companies to keep up.
Besides these external threats, there are also internal threats like dissatisfied employees. Employees have various credentials, and if they’re angry or dissatisfied, they could leak these. Also, if they still have their login credentials, they could start deleting or damaging information. In addition to the threat of deliberate misconduct by employees, there’s also the internal threat of ignorance. For example, when employees click on links in their mailbox that activate ransomware.
What trends do you observe in cybersecurity?
An important trend is Artificial Intelligence, and especially the question ‘Who controls Artificial Intelligence? And ‘How are we going to defend us against it?’ In a time marked by such trends, not just technical aspects are important, but it also depends on human behaviour. The saying, “Nothing is as changeable as technology, and nothing is as unchanging as humans” applies here. Technical solutions that save time and money are available, but people are often hesitant to implement these solutions.
Another trend we observe are digital password vaults for all employees. Currently, it’s often the case that only IT departments have their passwords saved in these vaults. However, all employees use passwords, and the risk exists that employees will write passwords down on paper or save them in Excel sheets. If you lose these documents, you lose all login credentials. Therefore, a digital password vault should be centrally managed by the organization. Another advantage of such a vault is the possibility to share passwords among employees who are using the same application. This approach provides control over passwords throughout the entire organization.
How does your organization address these challenges and/or opportunities in cybersecurity?
For the last 20 years, we’ve focused on providing solutions that make things easier for IT departments. We’re automating the automation department. For example, we focus on protecting Admin accounts. These accounts have privileges that IT departments have in order to do their work. It’s important to protect these accounts because hackers need those accounts and privileges to infiltrate in organizations. We can protect these accounts for example by automatic password rotation, in which passwords are automatically changed. When a hacker tries to guess the password, it won’t work, and the Local Admin Rights don’t fall in the wrong hands.
We also provide automated detection for abnormal behaviour. Instead of relying on individuals to monitor IT Infrastructure around the clock, we employ AI for detection. For instance, it can identify unauthorized attempts from foreign countries trying to access your network. This is an example of collaboration between machines and humans. The solution detects the abnormal behaviour and responds and/or alerts the administrator who can take the necessary action.