Among the member organizations of the CSC, Toreon is an example of an SME achieving world leader quality through exquisite focusing on security in general, and both threat modeling and OT security (industrial, medical, IoT) in particular.
Leden in de kijker
A takeaway from the interview with Fabrice Wynants is the need for an end-to-end view on cyber security with security measures at different levels - workplace, apps, infrastructure & cloud. Cyber resilience demands expertise regarding prevention, detection, response, and – not to forget - a focus on recoverability, one of Cegeka's areas of expertise.
‘Resilience is being ready to survive’
As a company, Cegeka masters many domains of expertise, not the least among them cyber security. Especially with a view to bolstering the resilience of companies. This is a main motive for Cegeka’s joining the Cyber Security Coalition.
As a company, Cegeka is committed to bolstering the ‘cyber resilience of Belgium’. Given its broad spectrum of activities, how does Cegeka strive to accomplish this? With specific cyber security efforts and in other domains?
Today, Cegeka is recognized as a European provider of IT solutions, such as data solutions, applications and cloud infrastructure. Obviously, that requires us to provide protection and security for our end-to-end solutions and services on a daily basis, in a secure and resilient way. Thus we already help out customers to become more cyber resilient. And it is our strategy to do so even more in the future. Indeed, ‘resilience and innovation will fuel the post-pandemic renaissance’ in the opinion of our CEO, Stijn Bijnens.
In our view, cyber resilience implies an end-to-end view on Cyber Security, with security measures on different levels like the digital workplace, in applications, on infrastructure and cloud level. But also it demands expertise regarding prevention, detection and response, and – not to forget – a focus on recoverability. The latter is often underestimated in many organizations. In order to bolster the cyber resilience in Belgium, we take this approach beyond our existing Cegeka customer base as a specific security offering to new clients as well, in collaboration with technology partners and in close proximity interaction with our clients. This includes a whole range of components, such as Vulnerability & Compliance Management, Identity & Access Management, Cloud & Infrastructure Security and many others, including a jewel in our crown, our 24/7 ‘security operations centre’ (SOC) with Detection & Response capabilities, malware analysis and threat intelligence, as well as advanced response capabilities. All of this also available as managed services.
Important in this Detection & Response services is our expertise on recoverability, with the associated skill sets. It’s all well and important to detect problems when prevention fails, but response and recovery is the real need in the journey to cyber resilience. That means fast and effective response and recovery, with security and operations working closely together. Resilience means you survive the problems. That is, being ready to survive and continue your business. Be prepared!
Again considering its broad spectrum of activities, how does Cegeka contribute to the efforts of the Coalition? And how will Cegeka benefit of the Coalition efforts?
We hold the mission of the Coalition in very high regard. And there are many matching points between our activities and those of the Coalition. The way the Coalition endeavours to create a broad ecosystem to improve cyber security, so do we offer a similarly broad help to our customers. Both of us believe in close collaboration among all parties. Both of us see sharing of information and knowledge as a key purpose. And there’s also Cegeka – a large company – as a consumer of security expertise and knowledge, e.g. interested in exchanging ideas around innovative ways of enhancing cyber security awareness in our company. And not least important are the Coalition focus groups, much aligned with our system of competence centres.
As a result, Cegeka joins many, if not all of the Coalition focus groups. In addition to the Awareness Focus Group, we see several groups as very important to us. The Cloud Security Focus Group, as we are a leading provider of cloud services. The Governance, Risk & Compliance Focus Group. The NIS Focus Group, as we provide services to critical industries. And certainly the CSIRT-SOC Focus Group, given our SOC. We monitor large environments from our SOC and it is important we can exchange information about a new type of ransomware or techniques we detect from our SOC.
Further domains of contribution relate to our innovation efforts, e.g. in the field of 5G and IoT, but also to our expertise in secure development of code as in SecDevOps. And we may suggest the establishment of even more groups, as e.g. concerning Identity and Access Management, with a view to – for example – privileged access management.
Onlookers may take Cegeka for a kind of ‘classic ICT company’, provider of several kinds of services, both infrastructure and solutions. However, the company has been diversifying, with additional skills in enhancing cyber resilience?
For sure, Cegeka isn’t your ‘classic ICT company’ anymore, though we provide all the necessary platforms. A key characteristic is our exploration of new strategic developments, closely matching the evolution of our customers’ businesses. As a result, we can assist them on their journey towards digitalization.
Cegeka itself has pursued this through a series of investments – also abroad – and diversifications. Take CityMesh, a mobile connectivity specialist that plays an important role in 5G adoption, with 5G being a driving force to integrate cloud infrastructure and applications. Take the domain of Smart Industries, where 5G and IoT/OT fuse into end-to-end solutions for manufacturing enterprises including an integrated and end-to-end view on security where again IT & OT need to converge. Also, our sector insights help bring together all loose ends; as e.g. in the healthcare sector, where we inject our ‘protection of personal information’-expertise in the digitalization of this sector.
And last but not least, we bring together all aspects of security into resilience. Covering detection, response, and yes, recovery! Let’s be clear, resilience is not a product. It’s a journey.
Anderen leden in de kijker
As a member of the Cyber Security Coalition, financial sector federation Febelfin focuses on many more aspects of cyber security than just the security of financial systems. To this end, Febelfin counts on the cooperation of a large and diverse community of partners.
International law firm Allen & Overy offers extensive insights in cyber security, as it sits at the cross road of many areas of expertise and operates in over 30 countries around the world. Based in Allen & Overy’s Brussels office, Thomas Declerck deals with both the preventive and incident response aspects of cyber security, with a specific focus on investigating and litigating cybercrime.
Cyber diplomacy comes into its own in a world with increasingly severe cross-border state sponsored – as well as criminal - cyberattacks. At Belgium’s Federal Public Service (FPS) of Foreign Affairs, Séverine De Potter focuses on this new extension of the age old art of diplomatic response to skirmishes.