Getting more context from cybersecurity pros is essential to have a more clear picture of cyber threats and see this industry through the lens of those who are actively involved in it.
And we all need to understand why threat actors are still making a way into companies and wasting no opportunity to exploit their systems and infrastructure, right?
The infosec community is strongly involved in promoting cybersecurity awareness as a collective responsibility to make both companies and Internet users understand the real impact of online threats.
Government-sponsored actors and organized crime are still the biggest threats we are facing
That’s why the DefCamp 2021 edition focuses on bringing together infosec pros with vast expertise in the industry to talk about the most current cyber threats and share insights on how to prevent them.
Raphaël Lheureux, CSIRT and Pentesting Team Leader at Cegeka, is one of our main speakers at DefCamp 2021. He is also a SANS Institute board member, experienced incident responder, and conference speaker.
We wanted to know his opinion on the emerging cybersecurity challenges many companies worldwide are addressing.
Here’s what he thinks:
“It’s no secret that government-sponsored actors and organized crime are the biggest threats we are facing nowadays.
Contrary to activists, who are usually mentioned as the third big threat, the former two have plenty of financial resources to fuel their activities. On the other hand, the budget for the defenders is often limited and heavily scrutinized. “
Raphaël also mentions why companies should focus on penetration testing to avoid costly security breaches or cyber threats.
“I am still a strong advocate of penetration testing. It renders weaknesses in the security posture of an organization more tangible for its decision-makers, which often improves the mobilization of budget for security purposes.”
One thing we know for sure. We need to address these security issues more often and talk about practical solutions within the infosec community and beyond.
To make the infosec community even stronger and more united, Raphaël Lheureux believes it’s important to address the following topics:
“There is a shortage of well-trained people in cyber security. It’s a very broad, complex and relatively new field. Several colleges and universities are already developing security-specific courses and degrees, but I hope to see much more of that in the future.”
He also reminds us about the need to have easy access to cybersecurity resources that can teach us the basics of the industry.
“Cybersecurity knowledge has already become much more accessible in the last few years and I applaud organizations that focus on providing good and up-to-date training materials for the future talent in our field.”
More planning = better prevention and protection
We wanted to pick Raphaël’s brain for finding out his perspective on the wave of cyber threats, if and how companies plan to ensure the essential cybersecurity measures.
“There is no amount of security that can guarantee that an organization will stay safe. Next to reducing risk to the lowest possible level, it is of vital importance that organizations prepare for the day the inevitable happens.
He also emphasizes why he thinks companies are more aware of the risks and concerned to secure their digital assets:
“A good incident response plan, detailed procedures, and regular tests will make the difference when things go wrong. I feel that more companies are becoming aware of the risks, especially because they see many other companies being breached. As a consequence, more attention is being directed to prevention and preparation. Security is becoming a continuous concern of the C-level and that’s a good thing!”
We value our partners’ constant support and contribution to the infosec community. And Cegeka is one of them. Our fundamental goal is to build a stronger and bigger community in which people can join and attend conferences like DefCamp where ethical hackers and infosec specialists.
Sharing information is key to making a community thrive
That’s why we loved what Raphaël thinks about the benefits of attending events like this:
Sharing information is key to making a community thrive. The reason I like conferences like DefCamp is that they add that old-school vibe of meeting like-minded people in real life. It’s a great way to extend your network, find people to join in on community projects, and even to make friends :)”
Curious to know more about the topic presentation the Cegeka team will present at DefCamp this year?
We asked Raphaël to share a few details about the presentation:
The talk will be about leveraging threat intelligence, more precisely the MITRE ATT&CK framework and in-house intel that we have gathered through our incident response practice, to select the most important sources for a “detect & respond” service.
If there’s one thing you can learn from Raphaël’s industry experience and know-how this:
“I used to think that a cybersecurity professional could be so knowledgeable that he/she could become a “one-person army”. Through the years, I’ve learned that attackers and their TTPs evolve so quickly, that close cooperation between team members with complementary skills and specializations is the key to staying one step ahead.”
Want to discover more?
Get your ticket to the conference and come to (virtually) meet Raphaël and his team from Cegeka.
Last but not least, we take this opportunity to mention that DefCamp 2021 is powered by Orange Business Services. Moreover, this edition is possible with the support of our main partners: Keysight Technologies, Cegeka, Garrett, Secureworks, Bit Sentinel, and our partners Pentest-Tools.com, Siemens and CyberEDU.