Giuseppe Brigio, Coalis: Cyber security approach must be based on risk and impact analysis for successful cyber attacks
On the occasion of FIC 2022, Qualys will present the evolution of its platform, in particular, its multi-vector EDR 2.0 offer. This feature is dedicated to rapid assessment of major events and cyber attacks. For Giuseppe BRIZIO, QUALYS ‘CISO EMEA, the cyber security approach must be based on an analysis of the risks and implications of a successful cyber attack.
Global Security Mag: What will be your news at the International Cyber Security Forum 2022?
Giuseppe BRIZIO: Digital transformation is such that information systems are becoming more complex, hybrid and difficult to secure. In this context, Qualis continues to develop and expand its integrated solutions, capable of securing all hybrid IS, integrating and simplifying the landscape of cyber security and compliance tools, reducing complexity, improving efficiency, and optimizing costs.
We will cover the three components of the Qualis platform to meet demand: resource visibility and management; Risk reduction and vulnerability prevention and remediation and, ultimately, detection and response to intrusion, and malicious or suspicious activity.
We’ve added a key feature to our multi-vector EDR 2.0 offer. This feature is dedicated to rapid assessment of major events and cyber attacks. Let’s say:“EDR is dead. Long-lived multi-vector EDR ”!
Global Security Mag: What are the strengths of the solutions you are going to present at this event?
Giuseppe BRIZIO: As you know, Qualys is a pioneer in cloud security and our year of research and development allows customers to benefit from a very solid and complete cloud platform. It now has over 20 integrated applications covering the entire chain, from asset management, IT security, cloud and container, web applications and compliance. We have made progress with global threats and changes in the IT environment, but also with our customers. Qualys has more than 20,000 customers worldwide and we are growing together.
This year Qualys announced the availability of the XDR (Extended Detection and Response) application to understand the entire company’s cyber risk exposure, to identify threats and to respond to incidents. As explained above, the MV-EDR 2.0 (Multi Vector Endpoint Detection and Response) version has been expanded to include the MITER ATT & CK strategy and tactics, enabling faster threat detection, analysis, and response. The MV (multi-vector) method helps prevent future attacks by identifying and remedying vulnerabilities absorbed by one or more malware.
Global Security Mag: Since the beginning of the year, have you noticed the emergence of new cyber threats?
Giuseppe BRIZIO: The frequency and sophistication of cyberbullying using automation and artificial intelligence is constantly increasing, and the trend is confirmed in 2022. Telecommuting increases the surface of attack and confirms phishing as a major problem. Even if users are more aware of the need to identify and avoid malicious links received via e-mail, the use of affiliate platforms, ShadowIT and hackers’ intrusion into them, makes this task more difficult to detect.
APIs are becoming a privileged attack vector because we are witnessing an “API” of information systems and attacks aimed at fraudulently transferring data between applications will become more frequent. Robotization and automation of industrial processes (IIOT) leads to the proliferation of connected objects (OT – operational technology) which is becoming the target of increasing cyber attacks. Cyber incidents in industrial systems (SCADA), ICS (Industrial Control System), and DCS (Distributed Control System) directly affect the physical world which can destabilize the supply chain but endanger human life.
Global Security Mag: How should technologies be developed to deal with these threats?
Giuseppe BRIZIO: The evolution of technology must follow guidelines such as: automation to deal with attack volume, frequency and speed; Artificial intelligence will be able to understand the sophistication of attacks and respond to them effectively and promptly; Machine learning to detect and respond to malicious and / or suspicious activity and ensure continuous and real-time protection and operational improvement. The challenge is multiplied!
Global Security Mag: In your opinion, what role can humans play in strengthening the deployed defense strategy?
Giuseppe BRIZIO: The business understanding of its challenges is fundamental to the implementation of an effective defense strategy. People need to be able to prioritize security when it comes to identifying and analyzing the cyber risks of the business and the company as a whole. In the sense of all employees of an organization, people must be trained in the cyber security challenges to ensure that the right behavior is adopted such as, for example, phishing (and its variants vising, mixing), social engineering, remote access … and above all comics. Will be involved and the security policy will be known, understood and properly implemented.
Global Security Mag: There has been a shortage of talent year after year, what steps can cyber security players take to attract new talent?
Giuseppe BRIZIO: Cybersecurity communications, market developments and new technological trends provide the visibility needed to attract new talent, but not enough. Cybersecurity players must disclose the reasons for their stay, their strategies, policies and values that identify their identity, their culture and their goals.
Learn about occupations or different missions, such as cyber security management and management, design and management of secure IS, incident and cyber crisis management, … and career evolution planning possibilities.
All we need to do is provide a comprehensive overview to attract new talent and encourage new careers! Ultimately, training is essential, to enable the younger generation to move more easily towards their new profession. Epita, Epitech, Ecole 42 Admission. We are delighted to see the arrival of postgraduate training, such as the Campus Guardia Cybersecurity School, which opens next October in Lyon and Paris.
Global Security Mag: What message would you like to send to CISO?
Giuseppe BRIZIO: Since cyber risk is a business risk and the role of CISO is a role dedicated to protecting the latter from cyber threat, it is very important to be able to support CISO with good knowledge of general management issues. Support him in his ability to define strategy, priorities and objectives. According to a recent Gartner survey, the effectiveness of CISO by 2023 will be measured at 30% on the ability to create value for companies. The cyber security approach must be based on risk and impact analysis in case of a successful cyber attack. It is important to establish an appropriate protection strategy with all stakeholders.
For more information, contact our office in France: firstname.lastname@example.org