“Bad actors will begin using massive A.I. to *create* new methods to escape traditional – State of the Art – security tools”

Orange DefCamp 2024

Edition #14 of DefCamp is just around the corner, and the excitement is building! With less than a week to go, the conference promises to dive into some of the most pressing challenges and emerging trends in the ever-evolving field of cybersecurity. As the industry continues to transform rapidly, DefCamp offers the perfect platform to explore these changes, connect with experts, and stay ahead of the curve.

To give you a sneak peek into what’s in store this year, we teamed up with our trusted partners at Orange Romania for an exclusive preview. We had the privilege of chatting with Ioan Constantin, Cyber Security Expert at Orange Romania, who shared valuable insights into the dynamic shifts in cybersecurity – particularly in the telecom sector.

During our engaging conversation, Ioan highlighted three major changes shaping telecom and offered thoughtful perspectives on what they mean for the future:

I’ll start with regulation. 2024 was (still is) a prolific year for regulatory bodies publishing new or updated directives and requirements. NIS2, of course, and DORA come to mind. This is having a significant impact in our telco sector as we’re transitioning to a service-rich, telco-tech paradigm as we are onboarding new technologies to our existing stack. 

Supply Chain diversification and supply chain security comes in a close second. The past year(s) have brought several challenging situations to telcos, as we’re expanding our existing supply chains to respond to both regulatory requirements, and service diversification. Security Assurance plays a key role in managing supply chain risks.

Finally – actions of rouge, state-sponsored APTs have increased in number, volumes and – unfortunately- in having moderate success in some of their operations. We’re constantly improving our stance in terms of threat intelligence gathering, and sharing, and we are investing in context awareness for our cybersecurity operations, to mitigate the vast areas of comfort for bad state actors.

He then took the discussion a step further, diving into an in-depth analysis of how these changes are already shaping the cybersecurity landscape.

I’d say that the impact is mostly positive in terms of increasing the capacity of stakeholders to manage threats. At Orange we’re adding tools and processes meant to automate some of the workloads of operations people (by using A.I., of course), and we’re proactively integrating requirements of upcoming regulations to our business tools and processes. The cybersecurity market, at large, seems focused on using the momentum generated by the integration of A.I. to -pretty much- every aspect of day-to-day business to update their tools, and to support new threat scenarios, new kill chains and new types of vulnerabilities.

I’d conclude that positive things are stemming from the challenges, and overhead brought forward by the events of the past years.

That sounds like a lot, doesn’t it? But it doesn’t stop there – Ioan expects the industry to face even more significant challenges in the near future.

Malicious A.I. proliferation – I believe we’re at this turning point in time where bad actors will stop relying on LLMs to diversify their existing tools and begin using massive A.I. to *create* new strains of malware, new types of evasion techniques, new methods to escape traditional – State of the Art – security tools. 

State-actors increasingly gaining resources and support to conduct massive operations against western states – I’m seeing this as we speak, with numerous APTs actively conducting all means of attacks against Western targets. My keynote at DefCamp dissects the operations of one such bad actor. I have sufficient reasons to believe that this will increase in terms of destructive capacity, and the recent outcomes of global politics add to my reasoning. 

Finally – Supply chains might contract in terms of availability and cost, in the next period on top of the current geopolitical environment. If we are to see tariffs raised for vendors outside of the United States (and maybe the EU?), then we can safely say things are going to become more expensive in terms of procuring ICT assets, important to existing supply chains.

In this rapidly evolving landscape, with so much on the horizon, the infosec community – including professionals, companies, public institutions, and the academic sector – plays a pivotal role in shaping the future of cybersecurity.

Orange Romania stands as a key contributor to this community, demonstrating an unwavering commitment to enhancing security and driving progress within the industry.

In simple and concise terms – we strive to maintain, and to enhance our status of trusted cyber security solutions provider, and as innovators in cyber security. Our goals are, of course, reflected in the top-tier solutions and services we are providing to our B2C and B2B partners who rely on us for securing their data, businesses and livelihood. 

Our long-term vision and approach to cybersecurity is two-fold – we aim to maintain a secure environment for all our customers, end-users, and for our employees by ensuring a relevant, up to date and secure managed detection, response and mitigation ecosystems for all our services and products; and we have a strong development and innovation capability that is hard at work in enhancing our products and services portfolio with beyond State-of-the-Art cyber security technology. You can learn more about what we’re doing in this space, of technology innovations by reading our 2025 Business Internet Security report – there is an entire section dedicated to our projects and results. Or – you can simply get in touch by pinging me or my colleagues on LinkedIn, and we can discuss it at large – how our research, development and innovation capabilities and capacity can deliver for your cyber security needs.

The best part is that the expertise and skills of Orange’s professionals are reflected in robust and effective solutions. Ioan provided a quick overview of the advanced technologies and services included in Orange’s comprehensive cybersecurity portfolio.

Our solutions portfolio provides end-to-end cyber security solutions for managed or unmanaged protection against threats, detection of threats, mitigation, recovery, security assurance, CISO-as-a-Service and full-stack Vulnerability Management. It’s a metaphorical Cornucopia of tools, processes and people at work to provide best in-class Cyber Security Solutions.

Our Business Internet Security Service provides managed protection against threats for companies of all sizes, small to large enterprises. BIS is a success story, with hundreds of clients protected against cyber threats.

Threats & Exposures Management is our complete Vulnerability Management Solution, available as a cloud-based subscription or on your premises. It has backed-in, next-gen & next-level capabilities developed together with local start-ups and scale-ups, and it is 100% developed, maintained, and hosted in Romania.

Our Cyber Security Operations Center as a Service provides unparalleled capabilities for managed detection, mitigation and recovery of threat scenarios to our more concerning customers and can scale their tooling and infrastructures to account for the needs of companies from small to large, multi-national and international companies. 

In addition to being a highly skilled and professional provider of cybersecurity services poised to transform the local cybersecurity landscape, the team at Orange Romania is also actively involved in a variety of initiatives aimed at raising awareness in the Romanian market.

These efforts include supporting the younger generation through educational programs, fostering collaboration between industry leaders, and promoting the importance of cybersecurity at a societal level. By engaging with the community and providing valuable resources, Orange plays a vital role in shaping the future of cybersecurity in Romania.

Well – we’re proud partners, co-organizers and supporters of some of the most important cyber security happenings in Romania. Let’s start with DefCamp – we’ve been working together with you since the early editions, and we’ve helped grow such a vibrant and amazing community of tinkerers, hackers, professionals and hobbyists! 

We’ve invested in education, and learning through gamification, and together with CyberEdu, Bit Sentinel and many other great partners, we’ve managed to launch the most important cyber security competition(s) in Romania – UNbreakable Romania and the National Cyber Security Olympiad – a first edition in 2024! We are among the principal supporters of the Romanian Cyber Security Challenge and each year we’re providing #TeamRomania, our national representatives at the European Cyber Security Challenge, with training and support for their participation in the finals. 

My colleagues and I are engaging with local communities to help them consolidate their interest and efforts in cyber security, and to provide them with tools and a clear path to education in Cyber Security. We are contributors to several master’s courses in Cyber Security, held in the most prestigious technical universities in Romania, and through our Orange 5G Labs in Iași and Bucharest we’re supporting doctoral candidates’ dissertation work. Since opening the 5G Lab in Bucharest, we’ve welcomed many hackers and developers – students or entrepreneurs – to build, integrate, test and validate their solutions in cyber security. We’re collaborating with many local start-ups, in Orange Fab – our corporate accelerator – and help them integrate their technology to Orange Romania’s solutions, and to bring them closer to our customer base.

I’m privileged to be part of this, and to support many of our awareness and innovation activities.

The specialists at Orange Romania take a hands-on approach to effectively support the development of cybersecurity skills among future professionals. We asked Ioan to share more about this approach, and his response was truly insightful.

The answer to this basically, summarizes the answer to your previous question – we’re investing in education, and we’re targeting very early entry-points, at high-school level and continuing at university levels, through our Orange Education Program – a long-standing commitment of Orange Romania, now in its 25th year. Our investment materializes in supporting cyber security curriculums in partner universities, in providing development and testing facilities for developers and start-ups and – most important – in providing the tools needed for continuous learning and upskilling in Cyber Security. CyberEDU is one such success story – a platform built from the ground-up to provide cyber security content, and gamified challenges, to all. CyberEDU is at the forefront of our efforts in supporting the development of skills among future specialists.

Why not dive deeper? There’s always a need for guidance for new cybersecurity professionals interested in cyber defense and threat intelligence. Ioan provides comprehensive advice to help meet that need.

Go for it! – I think this is one of the most interesting, and promising areas of cybersecurity, in terms of both knowledge and operations. I would advise them to engage with some of the onboarding and entry-level content in CyberEDU and start from there. Moving further, one could go the open source & community-maintained route and take one of the many available free courses on threat intelligence and cyber defense, from prestigious tutors, universities and companies. Some of these provide a level of certification and attestation. 

You might already know that Ioan is also a key speaker at DefCamp 2024. Be sure to catch his presentation on November 29th! Here’s a preview of what you can expect from his session.

Hopefully – interesting stuff about how a malicious actor group co-ordinate, what type of tools they develop and make use of, for their nefarious purpose, and how they incentivize volunteers to participate in their ‘cyber army’. We’ve been monitoring the activities of several such groups for the past 2 years and we’ve learned a great deal on what motivates them. 

Of course, this being DefCamp and within the confines of my ‘traditional’ presence on your stage, attendees should expect some humorous parts, as well  

As DefCamp 2024 approaches, the Orange Romania team will be there to welcome you, engage in discussions, and share ideas.

We’ll be there in full force, with a lot of things happening on-stage, and at our stand. You’ll get to learn more about our MSSP catalog, some of our flagship solutions, and we’ll set-up some demos. My colleagues from Orange Fab will be there so make sure to stop by our booth (large one, orange-colored highlights, hard to miss )if you have a prototype of something that could be the next great thing in cyber security!

Oh, and during the first day of DefCamp we’ll co-host a very interesting workshop on how the Digital Europe Programme can enable and support innovation and capacity building in Cyber Security. 

Time is flying, and DefCamp 2024 is almost here.

It’s shaping up to be an action-packed event – make sure you don’t miss it. 

See you there!

    Related articles​

    DefCamp 2024 highlights: over 2,000 infosec ..

    BY Adina Harabagiu
    DefCamp 2024 wasn’t your average conference. It was two packed days of cybersecurity action, held in ..

    DDoS Protection Solutions by Orange

    BY Adina Harabagiu
    Protect your company’s data against DDoS (Distributed Denial of Service) attacks.

    Less than ONE month left until DefCamp 2024 ..

    BY Adina Harabagiu
    See the news, meet the speakers, explore the DefCamp 2024 workshops! DefCamp’s mission is to advance and ..