1. Hello, please tell me something about you and your work.
I’m a cybersecurity professional with 10+ years of a demonstrated history of working in the information security field. In my current role of Cybersecurity Architect at NTT DATA Romania I design and build modern Security Operations Centers. Previously I’ve worked in different cybersecurity positions and environments: Security Specialist in a military CERT, Incident Response Team Lead at The Romanian National Cybersecurity Authority (CERT-RO), Security Program Manager at SecureWorks, SOC Manager at Aera Technology.
2. Where do you get your information on what is going on in the IT security industry?
In general, I use Twitter to aggregate relevant content produced by CERT teams around the world, like CERT-RO and US-CERT for example. I have also subscribed to some cybersecurity newsletters.
3.Whatis the key to good CyberSecurity?
The most important thing is to be aware that for a good cybersecurity posture you need skilled and trained people, modern technology and adequate processes. Cybersecurity it’s not something that you buy one-time and that’s it.
Unfortunately, most of the organizations follow the same pattern that leads to failure in achieving a good cybersecurity posture:
- First, they try to resolve the problem by buying some technology, usually without assessing their needs and relying in what sellers are recommending.
- After they fail, next move is to bring some juniors, ideally with some hacking skills because they should know better how the real hackers act and with what tools.
- Of course, they fail again, and they conclude that the problem is the outdated technology, so they buy some new tools.
- … and so on …
Long story short, the most important thing is to have proper processes in place and improve them constantly.
4. Do you think companies should invest more in security training?
Definitely. But first companies should assess their training needs carefully to avoid spending the budget inefficient. Also, look for custom trainings to better address their needs.
5. What are the best practices for today and how can businesses avoid cyber threats such as ransomware, phishing attacks, etc.?
Start by assessing the risk and then invest accordingly in people, technology and processes to mitigate the risks.
6. Do you have any tips on how to protect personal data?
The most efficient way is to try reducing as much as possible the processing of such data. Then, use adequate technology and methods to secure the data in transit and in rest. More layers of protection should be used.
7. Finally, is there anything else you wanted to tell us that we have not asked about?
I would advise everyone to use the same degree of caution in cyber space as in the real world. For example, in real world we learned that nothing is really free and when something looks to good to be true usually it’s not true. I’m sure that if we apply the same mindset when we read our emails or navigate on the web the success rate of phishing and malvertising campaigns would decrease a lot.