On computer security day we pay tribute to Ada Lovelace, the forgotten mother of the computer. Often described as the first computer programmer — before computers were even invented — Ada was a real visionary. Imagine what she might have achieved had Babbage actually built his “computer” and she hadn’t died at the age of 36.
BCSC 2021 Roundtable: The state-of-the-art cyber security technology
16 November 2021 – Cyber Security Coalition
State-of-the-art cyber security technology – Roundtable
Bart Van den Branden, Cegeka
Stijn Rommens, Security Engineering Manager Southern & Northern Europe Vectra
Steven De Ruyver, Area Sales Manager Belux Cisco
Patrick Commers, Fortinet Storyteller/Sales/Evangelist
Bart Asnot, Technical Specialist Security & Compliance, Microsoft
Mikkel Planck, Senior Sales Engineer Crowdstrike
Moderator: Ulrich Seldeslachts, CEO LSEC Leaders in Security
The fast changing threat landscape is countered by an equally fast changing security. So what is today’s ‘state-of-the-art’ security technology, and what more can we expect? At the 2021 Belgian Cyber Security Convention (BCSC), top companies drew a picture of today’s security ‘art’.
Actually, a full answer would be rather difficult, considering how broad the scope of the question is… So probably a better question would be: what is right for your business today, and what is your roadmap to handle emerging challenges? Then go for the appropriate “state-of-the-art’ for those specific needs. Furthermore, whatever technology acquired by a company must be integrated in an existing security environment… which most of the time is overly and hopelessly too complex (often with many dozens of point solutions). So, the introduction of true state-of-the-art-technology requires a major rethink of your security architecture. First, establish a baseline conforming to the nature of your industry, and then go for the right state-of-the-art.
Considering the diversity of companies on the panel, many developments were mentioned. Obviously, AI and machine learning-enabled security tools are hot, but also many forms of automation (including automated responses), advanced trouble/root cause detection, enriched threat information and more.
Interestingly, specific attention was drawn to the need and use of people in a holistic security system! State-of-the-art not only allows human experts to react faster and more appropriate to incidents, but also includes a broad security awareness of all people in a company. Actually, this is an aspect that co-determines the security maturity of a company, with state-of-the-art requiring a solid maturity. And it will also determine the potential of the company to attract the required specialists…
Today, a major challenge is finding relevant actionable information on incidents in your company’s environment. It is a matter of collecting the data, the necessary aggregation and interpretation of the data… and removing all the noise! Additionally, there is the challenge of getting information from networks and processing environments you don’t own (e.g., the cloud), and to find the information you don’t know yet but do need. That will demand a better use of existing technology, improvement of this technology and continuous vigilance regarding emerging threats.
The future will include even more automation, with e.g. self-healing networks. Also, actionable cyber intelligence will grow in importance (in an open exchange of information). And even more important will be the need for security solutions to offer more business value. As it is, budgets are available, but yet all too often in the wake of an incident. This must change, with security solutions not simply repairing damage, but offering value.
You can (re)watch the roundtable clicking on this link. The recording can be found in the section 7 – Belgian Cyber Security Convention.
Other blog posts
So, your company has decided to make ICT life easier by migrating to the cloud. Easy pie, just ring a reputable cloud provider? Unfortunately, there may be some data protection and privacy hurdles to jump, as we learned at the 2021 Belgian Cyber Security Convention.
Cyber security remains an urgent and complex challenge for companies of all sizes. But how to instill this urgency in top-management and board levels, with appropriate information? Who better to answer this question than top-cyber security practitioners, at the 2021 Belgian Cyber Security Convention ?
The second webinar of the Privacy Focus Group on the subject of ‘Artificial Intelligence’ (AI) tackles a major challenge: how to reconcile the use of AI with the demands of GDPR, particularly regarding data protection? It is still very much unknown territory for developers, users and privacy protection officers. This webinar helps you find your way!
API’s (Application Programming Interfaces) are ubiquitous and used to interconnect all our popular web applications. Without API’s, applications cannot communicate and we would simply not be able to use the majority of the current cloud and web applications. But at the same time, because of these API’s, security threats are greater than ever. API attacks are different compared to traditional attacks: they target vulnerabilities in the business logic, and hackers exploit these zero-day vulnerabilities.