This article is based on a round table "real cases of a cybersecurity breach ?"
organised by Pointury on May 4, 2023
Bart Van Nynatten, CIO at Agoria, told us the exciting thriller of how one of the companies he used to work for fell victim to ransomware. He then camped at the office for 3 weeks. They had to take very drastic measures very quickly, learned which IT vendors they could really count on and which they couldn't, spent millions in IT to bounce back, endured months of severe business disruption even with difficulties to process salaries and invoices and ultimately learned a lot from the weak points from the past...but no ransom was paid.
Peter Sandkuijl is VP Engineering at Check Point Software Technologies. He worked in IT security for over 25 years and was appointed Head of European Network Security Solutions at Check Point in 2011. He is now Vice President of Engineering in the EMEA region.
As head of engineering at Check Point, Peter is very knowledgeable about what is happening in the market and on the dark web. Cybercriminals are always looking for new ways to increase their returns and evade defences. Among other things, Peter gave us examples of how cybercriminals are increasingly using triple extortion. Not only do they encrypt victims' data, they also store stolen information and threaten to publish it. In a third step, the victims' customers are also confronted with sensitive data and blackmailed.
The situation is extremely dynamic and few organisations have adequately protected themselves. He drew our attention to a number of weaknesses that most organisations currently still have in terms of cyber security. Especially organisations with limited resources quickly lose the overview. You used to install a firewall and everything was pretty much fine. Today, this is still part of the defence system, but many new puzzle pieces have been added with identity management, network segmentation, data traffic monitoring, app security, and training. It has become specialist work.