We discussed:
- The top 3 IT threats (Phishing alert!)
- RSA Conference buzz
- Holistic versus point solutions
- AI in Security: Hype check
- What Cegeka offers in the way of solutions
Fabrice, good afternoon! Cybersecurity feels like an endless battle against ever-shifting threats, does it not?
Fabrice Wynants: You’re not wrong, it's like we're all having to constantly outsmart a multi-headed beast. And allow me to highlight three very ugly ‘heads’: phishing, credential theft, and the non-stop challenge of patching software vulnerabilities. Patching might seem straightforward as a protective measure, but vulnerabilities are still a major avenue for cyberattacks. Our SOC data underscores this as a key issue to address. And we’re backed in this by other reports, such as Verizon's DBIR, which also emphasizes vulnerability exploits as a key entry point.
What about phishing? Surely we're all getting better at spotting these scams by now?
Fabrice Wynants: Well ... yes and no. Security awareness is growing, that much is true. We run many phishing simulations, and the results keep improving with time. But as people get smarter, so do the phishers. The methods are getting slicker – typos are a thing of the past, and phishing emails are laser-focused on specific user groups or even high-level individuals. This kind of highly targeted spear phishing often comes with pretexting, where criminals create a false sense of trust, tricking victims into leaking sensitive information or making payments.
"As people get smarter, so do the phishers. Phishing methods are getting slicker."
And as for credential theft?
Fabrice Wynants: It's in the top three threats. Through our dark web hunting activities, we scour hacker sites on the dark web to identify stolen credentials. While we can't completely eliminate the threat of stolen credentials – it's like leaving your house keys under the doormat – our proactive approach helps us identify and mitigate many potential breaches before they cause any damage.
Okay, we've covered the problems. Now let's discuss solutions. You launched CSAF at Cybersec Europe conference. Why?
Fabrice Wynants: Yes, we did. At Cegeka, we believe that companies can best mitigate cyber risks by thinking in terms of resilience rather than point solutions for individual issues. CSAF, our Continuous Security Advisory Framework, helps organizations form a comprehensive view of their cyber maturity, from strategic and tactical to operational levels.
"We believe that companies can best mitigate cyber risks by thinking in terms of resilience rather than point solutions."
CSAF is essentially a ‘CISO Office-as-a-Service’, which combines advice, services, and tools into one pay-as-you-use model. Based on the principles of cyber foundations and continuous improvement, we provide organizations with actionable advice to enhance their cyber maturity at their own pace, fully aligned with compliance regulations such as NIS2.
You mentioned Cybersec Europe. Cegeka also participated at RSA in San Francisco (US). What’s the talk at these conferences?
Fabrice Wynants: It was an exciting experience for Cegeka to attend RSA for the first time, especially since we now have a presence in the US following the acquisition of CTG. It's a priority for me to align our direction and investments with major market trends, and conferences like these are interesting for staying in touch. This year, the three most talked-about trends at RSA were AI, exposure management and dashboarding technologies.
Okay, let's talk about AI, because that's the big topic, right?
Fabrice Wynants: AI was everywhere! Almost every booth promoted "AI-powered" this, "AI-native" that, and "AI-augmented" everything. But upon closer inspection, the reality sometimes falls short of the hype. Overall, the focus is on integrating Generative AI into security solutions, for instance to accelerate incident analysis and response.
Among the vendors we explored, Microsoft's Copilot for Security stood out as particularly impressive. We saw an impressive demo which showcased the power of Copilot to feed security analysts with more contextual information, speeding up security incident analysis, but also linking events coming from different sources.
What about dashboarding? And how does this trend tie in with our Security Observability Dashboard?"
Fabrice Wynants: It ties in completely. Creating visibility is key to better security. The era where cybersecurity was seen as a dark art is over. Regulation forces everyone to build affinity and understanding. This is where dashboarding helps provide insights into cybersecurity maturity and it ensures auditability.
"We consolidate insights into one ‘pane of glass’, rather than having ten different dashboards."
We consolidate insights into one ‘pane of glass’, rather than having ten different dashboards. In many cases, this involves GRC automation, bringing together inputs from different tools, processes, and activities to provide an overall cyber maturity level, including priorities, tasks, and guidance to enhance cyber resilience. This is fully in line with our Horizon Security Observability Dashboard.
You mentioned exposure management as the third focus point.
Fabrice Wynants: As I explained earlier, a robustly-implemented holistic approach is better than focusing on point solutions. The same goes for exposure management, which takes a broader view than traditional vulnerability scans. While vulnerability scans identify specific security flaws, exposure management is more comprehensive, including unpatched assets, leaked credentials, and other exploitable vulnerabilities. By offering more context and consolidating various security domains, organizations can prioritize and address threats more strategically.
Cegeka’s cybersecurity division’s growth is outpacing the market. How do you plan to evolve in the coming year?
Fabrice Wynants: Cybersec is a major point of investment, as our CEO always points out. We focus on three key pillars: expanding our portfolio, growing our team, and broadening our international reach. We're enhancing services like MDR, IAM, VM/CM, and CSAF, with our Security Observability Dashboard bringing all of that together into a powerful central hub. We're also seeing increased integration of infrastructure security services, which complements our managed service offerings.
"We're enhancing services like MDR, IAM, VM/CM, with our Security Observability Dashboard bringing all of that together into a central hub."
What does international expansion look like?
Fabrice Wynants: While we continue to grow in Belgium, we’re also seeing growing demand in the Netherlands, Luxembourg, Romania, and Italy. This aligns with our broader European growth strategy. Additionally, our acquisition of CTG has established a foothold in the US, allowing us to extend our cybersecurity services to clients with operations there. This international growth enables us to follow and support our clients wherever they expand, ensuring robust security solutions and helping them in their Cyber Resilience.