CASE STUDY
THE HUMAN FACTOR IS STILL IMPORTANT FOR DRIVING THE INVESTIGATION AND THE REACTION IN A STRATEGIC WAY .
capabilities to the table , from the forensic capabilities to the network analysis to the application analysis , and this is where our technology excels .
With the current crisis in Europe , has there been any change to the cybersecurity threatscape ?
Not really . It ’ s definitely showing us a new way of cyber-activism but this is not a long withstanding phenomenon . Something that has instead created a huge impact in the cybersecurity landscape were the actions against the ransomware gangs last year – that was really effective . In fact , nowadays , the cybercriminal war is scattered in different small groups , while up to 2020 there were four or five years of consolidation in this market by small groups affiliating themselves with larger groups . That is now no longer possible because of these mighty blows carried out by the different investigative agencies worldwide , which all of a sudden , in a few months , arrested several people . cybersecurity field , they should create a collaboration landscape so that different departments and different people inside the company can cooperate . This is extremely important because working in segregation in preparing a cybersecurity programme is definitely not working .
Another element is communication because during an incident , if all the components aren ’ t communicating with each other and more importantly , if communication is not done properly and effectively with the public and third-parties , it can backfire .
The third element is visibility . To have visibility on all the domains involved in an investigation is extremely important to minimise time needed for the reaction to an incident and to be able to properly block the attacker in the right moment . It is also extremely important that the strategy is delivered correctly – not overreacting , not creating issues to the whole investigation itself by not acting according to plan .
What are the core elements of an effective security programme ?
What are the limitations of taking a technology-only approach to security ?
Collaboration , communication and visibility . Collaboration means that for every company to really be able to integrate a working programme in the
The shortage of knowledge and capabilities on the market is definitely a problem . I know that several companies decided to solve the problem by integrating
60 INTELLIGENTCIO EUROPE www . intelligentcio . com