Marc Vael (SAI.BE): “Without a proper cybersecurity program, an organization can’t defend itself”

Marc Vael (SAI.BE): "Without a proper cybersecurity program, an organization can't defend itself"
marc
05 May 2022
5 min
Cybersec Europe 2022 will take place in Brussels on May 11 and 12. With 4 inspiring keynotes and more than 80 informative sessions per day, this is the cybersecurity event of the Benelux. With thirty years of experience in the world of cybersecurity, Marc Vael can be called a true routinier. As a member of the Program Committee, he was partly responsible for compiling the program. And SAI, a platform for sharing current and relevant IT knowledge where Marc Vael is the chairman, is also a partner of Cybersec Europe. We asked the expert about his vision of the current cybersecurity landscape.

What does SAI.BE do?

“The main mission of SAI.BE is to distribute relevant and up-to-date IT knowledge and insights in an objective and high-quality manner to IT professionals in Belgium.  SAI.BE was created by IT professors concerned with the fact that IT professionals do need continuous learning, even after their studies.  Today SAI.BE focuses on six main domains: IT architecture, Software Development, Cloud & Infrastructure, Data & AI, Emerging IT topics and obviously cybersecurity.  SAI.BE distributes this IT knowledge and insights via webinars, podcasts, workshops, focus meetings, and special IT events.  Aside those interactive channels, SAI.BE also publishes its own IT magazine called SAI Update on a quarterly basis to all its members.”

Why are events like Cybersec Europe important for or­gan­iz­a­tions?

“SAI.BE supports the CyberSec conference and exhibition in Brussels for many years, since it has one of the largest IT exhibitions in Belgium with the who’s who in cybersecurity today, but it also has a conference agenda packed with case studies, expert insights and practical takeaways on cybersecurity. All this is available in one location during two full days, where IT professionals can connect with peers and vendors, exchange ideas and discover the latest cybersecurity solutions to secure digital assets. The presentations are of high quality and allow IT professionals to learn subjects or concepts they may be unfamiliar with. SAI.BE likes the fact that CyberSec always selects great international speakers as well, who will explain to IT professionals new security concepts and allow to discuss face to face. Attending the CyberSec conference is one of the best objective ways to learn about current cybersecurity issues, technologies, solutions and challenges in two days whilst providing a wealth of information and networking opportunities.”

What is your vision on the current state of cy­ber­se­cur­ity?

“All organisations are currently fighting the tsunami of security weaknesses and cyberattacks. Individuals and organizations fear potential data and financial losses. Aside from data and financial losses, cyberattacks lead to reputation damage and a loss of confidence in technology as a whole. Personal data, when compromised, can distract organisations from their core activities and become an expensive unforeseen cost. Cyberattacks are targeting small businesses that usually do not have sufficient cybersecurity controls in place to protect themselves when compared to large multinationals. Most common cyberattacks are phishing, network intrusion, inadvertent disclosure of information and stolen/lost devices. One of the main solutions is to enhance awareness and speed up communications with employees (and citizens) on the possible cyber-risks.”

What trends do you spot in cy­ber­se­cur­ity?

“Implementing Machine Learning is one of the most important trend that SAI.BE has spotted in cybersecurity. The role of machine learning (ML) is growing. One of the reasons is that cybersecurity becomes simpler, more effective and less costly with ML in combination with the fact that we will never have enough manpower and resources to handle all cybersecurity challenges and issues.  ML technology relies on sophisticated data to produce effective algorithms and develops patterns, manipulates them, anticipating and responding to active cyberattacks in real-time. Implementing ML enables organisations to analyze threat patterns and learn the behaviors of cybercriminals, thereby helping to prevent similar cyberattacks in the future and reducing the amount of time cybersecurity people need to spend on routine security alerts.”

“The other main trend that SAI.BE has observed is the way IT professionals want to present the cybersecurity maturity in a comprehensive and understandable dashboard to their management, the auditors, regulators but also the colleagues in the organization.  This is still work in progress but the ability to use API connectors from different security solutions into one central reporting engine is improving the ability to go for one security composite scorecard with the key performance indicators and key behavior indicators.  Such interactive dashboard is allowing all stakeholders involved to analyze and make timely decisions in improving their cyber-hygiene and cybersecurity maturity to their ambition level.”

How important is it for an or­gan­iz­a­tion to have its cy­ber­se­cur­ity in order?

“Cybersecurity is important because it protects all categories of information from theft and damage including sensitive information, personally identifiable information (PII), protected health information (PHI), personal information, intellectual property, data and industry information systems. Without a proper cybersecurity program (on average over 3 to 4 years), an organization can not defend itself against data breaches executed by cybercriminals. Every organization sits in a supply chain between its customers and suppliers, where customers are increasingly asking questions about the cybersecurity maturity and where suppliers do need to provide more and more credentials and proof of their proper cybersecurity maturity.  This all puts additional workload on many organisations. Security risks are increasing because of global connectivity and cloud services to store sensitive and personal information. Top management starts to realize it can no longer solely rely anymore on standard out-of-the-box cybersecurity tools like antivirus software and firewalls. Cybercriminals are getting smarter and their tactics are becoming more resilient to conventional cyber solutions.  Organisations must include attractive and useful cybersecurity awareness trainings to educate all employees regularly about relevant cyber threats like social engineering scams, phishing, ransomware attacks and other malware designed to steal intellectual property, money or personal data from the organisation. That this security awareness education helps its employees to apply this also in their personal family environment is a bonus.”

Register for free for Cybersec Europe 2022

Interested in the future of cybersecurity? With keynotes from security experts like Mikko Hypponen, hacking experts like Tobias Schroedel and inspiring sessions from innovative and leading organisations, Cybersec Europe, former Infosecurity.be, Data & Cloud Expo, will be a 2-day all-round IT-security event at Brussels Expo on 11 and 12 May. Most sessions can also be followed via livestream.  Register for free here.

marc

Gerelateerde artikelen