A holistic approach to security
In an increasingly digital world where everything is becoming interconnected, cyberattacks are becoming more numerous and sophisticated. Organizations are facing these new security challenges while simultaneously adopting new ways of working. Today, all experts agree that the question is no longer whether an attack will occur, but when and how it will be carried out. Jacques Ruckert, Director of Products & Solutions at Proximus NXT, shares his insights on the threats facing our increasingly digital economies and the ways to protect against them.
“Cybersecurity today is a race between attackers and defenders. One might resign oneself to the idea that attackers will always be one step ahead and that defense mechanisms at best only slow down attacks or divert them to easier targets. I am convinced that we should not give in to fatalism or accept this assumption.”
“We have recently seen the exploitation of zero-day vulnerabilities by professional hacker groups aiming to compromise targets on demand. In such cases, profit no longer comes from the victim through ransom, but from a sponsor who effectively outsources corporate compromise services. The ransomware business has also become highly profitable and increasingly industrialized. It benefits in particular from the rise of Malware-as-a-Service platforms, which are revolutionizing the distribution of malicious scripts on the dark web.”
“The key concept in cyber defense is awareness of the universality of the threat. Companies are often facing the same attackers as their peers. It is therefore essential to share experiences and communicate with organizations facing similar situations. Tools exist for information sharing, such as the Proximus Luxembourg-CSIRT, our cybersecurity incident response and coordination unit, or the SOC we are currently deploying—a true control center responsible for continuously monitoring and managing information systems security against internal and external threats, both for our own needs and for our clients.”
“Another entry point you mentioned is the human factor, which should not be overlooked. From being the weakest link, people can become a strong link in the security chain by increasing awareness of risks and best practices, notably through awareness campaigns. Proximus NXT experts run simulated phishing campaigns for clients, which not only assess user vigilance but also improve their skills and the overall detection and response capabilities of the organization. It is essential to raise awareness across the entire company, regardless of role, because a single human failure can allow an attacker to enter and compromise all organizational resources—and those of its clients. Our ethical hacking exercises regularly show that a significant number of users still open malicious attachments.”
“These types of actions allow us to assess the level of awareness as well as technical and organizational security. Based on this, we can work with clients to define an appropriate defense strategy. Such audits and awareness campaigns must be repeated regularly, especially when new employees join.”
“However, a balance must be maintained between security and usability. It is crucial for companies to understand their exposure to risk. Through risk analysis, priorities can be defined and trade-offs made. In all cases, the fundamentals must be ensured, starting with identifying and protecting the crown jewels—intellectual property, trade secrets, and other critical assets—by implementing defense in depth. Risk analysis and management are at the core of all cybersecurity actions.”
Until now, the fight against cyber threats has mainly focused on administrative and banking IT systems. Today, however, attacks also target industrial information systems and embedded IT. SMEs are no less affected, as criminals see them as more vulnerable targets than large companies. Moreover, major clients increasingly require strict digital security standards from their suppliers and subcontractors, so that these cannot be used as a Trojan horse to access the clients' own systems.
“All companies have important, even critical, data to protect. The financial sector is of course more visible to the public, as bank robberies have long been part of collective imagination, but some SMEs—such as medical practices or law firms—handle sensitive data and critical information that must be protected accordingly. The impact of ransomware varies depending on company size: while large companies may suffer damage, the consequences can be devastating for small businesses.”
“Many SMEs, particularly in Luxembourg, have trade secrets just as valuable as large organizations, and stealing them could seriously threaten their survival. We therefore advise these companies, which often lack the resources and budgets for cybersecurity, to outsource this function to providers such as ours.”
“It must also be remembered that every company has customers, partners, shareholders, and employees relying on it, as well as the ecosystem in which it operates. Each company bears part of the responsibility for the security of the entire economic chain and may have a systemic impact on others. In this context, ISO 27001 certification for Information Security Management—which Proximus NXT has obtained for its cloud computing, outsourcing, and managed services activities—can facilitate the management of sensitive information and provide reassurance to stakeholders that risks are being properly managed.”
“Over the past 13 years, Luxembourg’s cybersecurity ecosystem has grown significantly. From the beginning, Proximus NXT has been actively involved. We have participated in major national projects and developed deep expertise in the security challenges companies face. Proximus NXT operates its own CERT, which also benefits our clients. To raise awareness and train clients in cybersecurity, we rely on a powerful tool: our training center. Through it, we bring together educational infrastructure, trainers, cybersecurity expertise, and partnerships with specialized vendors and publishers to deliver awareness campaigns and training programs that help clients face current and future threats.”
“Our approach is therefore holistic: in addition to products, we provide consulting, management, governance, and training. Proximus NXT’s information security offering is likely the most comprehensive on the market, as it covers all aspects of cybersecurity.”