Alongside the many exciting cybersecurity brands on show at InfoSecurity Europe 2022 was a wide range of expert speakers, panel discussions and Q&A sessions. On the Keynote Stage, for example, investigative journalist Geoff White shared some fascinating insight into the cybercrime activities of nation-states, and in particular the use of phishing attacks by the North Korean regime to steal huge sums of money from banks to top up its government coffers.
One such attack on a major bank used malware contained in a file attachment to gain access to its systems, resulting in illegal transfers totalling EU 13 million. As Geoff pointed out in his presentation, given the sophistication of such attacks and the apparent authenticity of the malicious emails, it’s not surprising to find that at least one employee opened the attachment, giving the attackers the access they needed.
As he went on to describe, this is part of a wider strategy where nation-state activists increasingly work with organized crime gangs to identify targets, execute attacks and then launder stolen funds. And it’s just this kind of incident that Glasswall is preventing for organizations around the world, who use our Content Disarm and Reconstruction (CDR) solutions to proactively sanitize files and rebuild them to their ‘known good’ specification, making them safe to use.
Cybersecurity in the boardroom
Among the expert CISO panel sessions, one discussion focused on the challenges cybersecurity leaders face in building board-level engagement. Crucial to ensuring security is given the focus and funding it requires, the panel said, is for CISOs to think like a board in the way they understand and consume information.
Talking about vulnerabilities can often be meaningless in the boardroom context, the panel explained, so it’s important to focus on business outcomes and reflect the risks that may impact leadership objectives. As our CEO, Danny Lopez, wrote last year, it’s also a question of boardroom mindset and, “leaders should see their role in the cybersecurity decision-making process in a different light and seek out advice that can better inform their decision making. In doing so they put themselves in a much stronger position to focus time and investment into keeping their organisations safe.”
It all comes down to trust
Drawing almost everything at the event together was the issue of trust. Over on the Insight Stage, OneTrust’s Head of GRC, Scott Bridgen, pointed out that while trust is everywhere in cyber, the problem is that it lacks a shared definition.
Across every organization, there are trust stakeholders who, ideally, need to understand their contribution to trust as a cross-functional issue that brings with it massive interdependencies. Trust also influences strategic market drivers, such as competitive differentiation, digital transformation, even the ability of a business to attract investors and improve corporate culture. The bottom line, he explained, is that being more trusted creates major dividends.
In common with the CISO panel, he argued that trust – and its role in cybersecurity – isn’t always given the prominence at board level that it truly deserves, but successful security teams must bring more focus to the subject to maximize their effectiveness.
These are views we share at Glasswall, and our mission is to deliver highly effective file-based security so users can trust every file. To read more about how our CDR solutions help deliver proactive protection, click here.
