”Seeing the dynamics of the cyber threat landscape, companies have realized that they are not an exception and that security is not only important or necessary for “others”, but also for themselves – every company can be of interest and can be attacked, not just by independent hackers, as well as state actors. And that’s where I see things slowly starting to move, companies are increasingly concerned about setting up strategies to secure their digital infrastructures,” Roger Halbhir, Chief Security Advisor, Microsoft EMEA.
How would you describe the European cybersecurity landscape? In your opinion, is Europe (or European companies) doing enough in this direction?
Roger Halbhir: From a government perspective, Europe is very diverse (and that actually makes it even stronger), so I wouldn’t say there is one “European cybersecurity landscape”, but several. But if you ask whether European countries and governments are taking enough steps in this direction, I can say that it is an aspect related to the cultural dimension. There is no one-size-fits-all solution, not everyone is the same, but I am noticing that governments are beginning to recognize the growing importance of measures to prevent and combat cyber attacks, and things are starting to move in the right direction.
In turn, seeing the dynamics of the cyber threat landscape, companies have realized that they are not an exception and that security is important or necessary not only “for others”, but also for themselves – every company can be interesting and can be attacked, not only by independent hackers, but also state actors. And here I notice that things are slowly starting to move, companies are more and more concerned with creating strategies to secure their digital infrastructures.
What trends are you noticing? What solutions are most companies turning to to protect themselves from cyber attackers?
Roger Halbhir: State actors are becoming increasingly active, clearly reimagining the dynamics of the cybersecurity landscape. In addition, more and more companies understand that they need professionals to ensure a high level of protection for their digital infrastructures. If you want to (or have to) successfully counter professional attackers, then you need professionals in the field to protect yourself against them. their. Therefore, the demand for services for managing cyber security solutions based on integrated platforms is growing. That’s why we invest $4 billion annually in research and development of cybersecurity solutions so that organizations and companies can use them and strengthen their security strategies (instead of trying to fight attacks on their own).
What are the latest technologies and equipment available to protect data and IT infrastructure? Is there one among them that surprised you? Why
Roger Halbhir: We’re operating in a market that’s going through a major consolidation process right now, and that’s a good thing. We know from experience that the average company uses 30 to 50 security technologies. But to quickly respond to cyberattacks, they need to integrate these technologies into their own infrastructures and run automation processes. Unfortunately, this task is nearly impossible for most if they only use the workers they have at their disposal. However, I see this changing and more ecosystems and platforms like this starting to emerge and develop.
By the way, this is also one of the reasons why I returned to Microsoft. I am convinced that the only way to solve today’s security challenges is with integrated platforms that are based on rigorous data analysis processes.
Today we talk about “cyber security in the digital age”, but what has changed in the last few months or years? What factors should we consider?
Roger Halbhir: We need to rethink and reposition cybersecurity. In the era of digital technologies, it must become a factor, develop and transform from an aspect of corporate governance to a function of true added value. But first, we must change the way we think about or approach cyber security. We call this process “Change Management” – that is, a change in how people should relate to this aspect and act, and the technology should come, from this point of view, to the next plane, applying this way of thinking.
To be resilient in the event of a cyber attack, every company should have a security strategy built around business impact analysis, but developing and then implementing it can be difficult. Our team is constantly working to support our customers and business partners with all the resources necessary to fight cybercriminals. You will be able to hear more details and details about the factors to consider and the necessary resources from experts and my colleagues from Microsoft Romania during the Embrace proactive security with Zero Trust event, which will take place on September 15.
Can you tell us the most glaring thing that companies often miss or don’t know what they need to do?
Roger Halbigir: Unfortunately, most companies still have gaps in their cybersecurity hygiene, and by that I mean processes like patch management, centralized identity management, compliance with outdated and vulnerable authentication protocols, down to a superficial understanding of the data and devices they own , and what they entail, and the list goes on. Even though companies invest in the latest and greatest technologies, sometimes they fail to address the most important cybersecurity hygiene issues. It is critical that they understand that these are the basic steps they must take to implement robust strategies and reduce cybersecurity vulnerabilities and risks.
What should be the cyber security priorities for European companies?
Roger Halbhir: We must recognize that networks can be compromised, with the concept of “assuming a breach” at the heart of every security strategy. If we really understand this, we will understand that we need to test each security requirement separately. The fact that a certain device is registered on a network used by a company, just because the system recognizes it, does not mean that it is also trusted, we should not automatically assume that it has not been compromised by a security breach.
Identity defines scope, and least-permission access is one of the concepts that comes with it. The zero-trust approach is based on these concepts and is currently an important security architecture that has proven effective in many recent attacks.
What does a “zero trust approach” entail, especially in the context of remote and/or hybrid work? How do we create it and what makes it effective?
Roger Halbhir: As I mentioned above, the zero-trust model—as we see it—is based on three principles: presumption of breach, explicit verification, least privilege access.
If all these requirements are met, modern cyber identity management will become the core of a defense strategy, one that will include real-time, risk-based solutions. Zero Trust is a modern security architecture that adapts more effectively to the complexity of today’s modern context and ensures the protection of every layer of the infrastructure by clearly and continuously validating every transaction and granting minimum permissions. The Zero Trust model is based on data analytics, advanced detection capabilities and real-time threat response.
In addition, multi-factor authentication is now mandatory for all accounts and should be implemented as a basic measure. When you choose to implement a Zero Trust model, managing company assets (such as IoT data and devices) and making risk-based decisions about how to secure and access them becomes implicit. At the same time, Zero Trust solutions also bring benefits such as lower costs or a greater range of usage scenarios.
In addition, companies that are considering this approach, but do not have enough information, have a white paper at their disposal, where they will also find an implementation model. Often they will understand that they have already gone through some of the steps described in the document, even if it was without (also) implementing the Zero Trust model, and this will help them understand more easily what to do next.
By the way, this is also one of the main topics that will be covered at the Embrace proactive security with Zero Trust event, where my colleagues will talk about the many aspects of identity theft, the lessons we have all learned from recent cyber attacks, and how the company can protect its multi-cloud infrastructure or provide comprehensive threat protection with advanced endpoint security.
How are the consequences of the conflict in Ukraine reflected in the landscape of cyberattacks?
Roger Halbhir: I would answer this question by quoting one of the clients I worked with: “It’s not the risks per se that have changed, it’s the probability.” I think that sentence sums up exactly the conclusion we need to consider: the risks have existed before, but the likelihood that a cyberattack will happen and be directed at us has increased. Therefore, companies that already have a strong and stable risk management procedure can continue to follow it, and those that do not should implement it.
Last but not least, to help our customers more easily find the support they need in these situations, we’ve also created a job designed to guide them in protecting their cyber-threat environment.
Article supported by Microsoft
Source: Hot News RO
Anna White is a journalist at 247 News Reel, where she writes on world news and current events. She is known for her insightful analysis and compelling storytelling. Anna’s articles have been widely read and shared, earning her a reputation as a talented and respected journalist. She delivers in-depth and accurate understanding of the world’s most pressing issues.