Cyber Security Event: security policy starts with good visibility
Published on 02/11/2017 in News
There is no such thing as total security. Which is why IT security is basically a matter of risk management. But how do companies manage to make the risk as small as possible? It’s an exercise that starts with introspection. Insight into your own strengths and weaknesses is the starting point for an efficient security policy. The core of the efforts made thus shifts from prevention to concrete detection.
The good attendance at the annual Proximus Cyber Security Convention shows that the business world remains alert. And so it should. Over the past year, cyber crime has hit the headlines regularly, including with Belgian victims of ransomware. At the same time, GDPR will be coming into force shortly. “A company that deals deliberately with IT security focuses first and foremost on visibility,” says Christophe Crous, head of Security Solutions at Proximus.
“Companies need to know what is happening on their infrastructure, where the data are, who has access to which applications, etc.” Only when they have a clear idea of the reality of their own situation can businesses organize their IT security properly. “Insight into their own vulnerability is the starting point here,” says Proximus CISO Fabrice Clément.
The right information
And this security is absolutely vital. The past few years have seen further instances of contamination with ransomware and cyber attacks. New technology – such as machine learning – helps not only companies, but also cyber criminals to make progress.
What is more, a great deal of malware has now evolved into a pure commodity and cyber attacks are available for sale via the Internet as a service. “Of course, to start with you have to stay alert yourself,” says Dries Watteyne, head of Customer Security Intelligence at SWIFT, the company that supports the exchange of financial messages between financial institutions. “We keep a close eye on the networks and are constantly on the lookout for possible risks. But it is just as important to form a community with other companies and to share information about cyber crime within this community and with security providers and government services.”
One striking development is that companies are putting more effort into detecting attacks, rather than simply introducing measures designed to keep cyber criminals out. “This exercise is not always easy to justify,” says Laurent Bounameau, CISO at the Federal Police. “But it is absolutely essential. At the same time, you can’t monitor everything to the same level and you have to make choices about access control and other security controls depending on data classification. We are very pragmatic about this.”
Journey without end
After the takeover by Lufthansa, Brussels Airlines now has to fit into a new, broader context. “In the past, companies tended to be somewhat negative about keeping logs, because it placed too heavy a burden on the systems,” says Jean-François Simons, CISO at Brussels Airlines. “Today there is more demand for logs. If it helps the company provide targeted reports for the senior management, then of course the investment involved can be justified.” Jean-François Simons hits the nail on the head here. When drawing up a security policy, the main thing is to work with the right information. “That’s the only way you can take the right decisions,” says Bob Ruts, CTO at Davinsi Labs, the Belgian specialist on cyber security that has been part of the Proximus Group since April.
“Security intelligence enables you to take specific action to reduce the risk. Without insight you are nowhere. At the same time, you have to approach security as a program and not as a precisely defined project. Security is a journey without end.”