“Bug bounty programs now allow ethical hackers try to break in and report bugs without being afraid of repercussions”

dan demeter kaspersky interview

Things have never been simple in cybersecurity.

However, looking at the current challenges can make almost anyone nostalgic for the time when the perimeter was the main asset to protect.

Today, securing diverse and hybrid infrastructures across geographies is a task for security leaders who see the big picture and the implications whose ramifications often bewilder business leaders.

One of the things we strive for at DefCamp is to draw inspiration and expert knowledge from our partners to share it with the community, so we can all improve and make a bigger positive impact.

That’s why we talked to Dan Demeter, Security Researcher at Kaspersky to uncover how security needs have changed and how organizational infosec challenges look like today.

Here’s what we learned.

What goes on beyond the perimeter is everyone’s business

“Data has become increasingly fluid, travelling constantly beyond the corporate IT perimeter on mobile devices as well as being processed on virtual as well as physical machines. And, with the uptake of public clouds and managed infrastructures, data is flowing off-premise and back as never before.

The growing adoption of an elastic cloud services model, where private data center resources expand instantaneously on demand and as needed into external clouds, delivers unprecedented flexibility, agility and clear economic benefits. There is no upfront investment in infrastructure, no waste and no delay in meeting immediate resource requirements while maintaining manageability.

Public clouds provide another great benefit – business continuity. If your data center suffers disruption or damage, off-premise resources can keep the show on the road until the issue is remedied. Public cloud providers themselves have invested heavily in their own business continuity and cybersecurity, creating safe, resilient environments for your business workloads. But that’s not the end of the story…

Like all the important things in life, securing these great technologies is not exactly simple. Balancing agility and resilience with security and data  requirements in large organizations is not just a matter of business continuity but a question of overcoming challenges in processes and human nature.

As Dan from Kaspersky highlights:

“The top security challenges for cloud adopters are:

  • Malware and ransomware attacking physical, virtual and cloud-based workloads
  • Data breaches as a result of a reactive and un-coordinated security approach
  • Decreased transparency due to growing infrastructure complexity
  • Administrative challenges because of disparate controls and tools
  • Systems resources squandered by heavyweight traditional solutions
  • Insufficient protection for data stored inside private data centers
  • DoS attacks disrupting operational continuity or preventing data exchange.”

Coordinating a security program to proactively tackle these issues and also have contingency plans in place for all sorts of outcomes is no small task.

The Kaspersky team knows that well, which is why they constantly work on adding capabilities to their product suite and why they get involved in the community, to share their research and foster collaboration.

Plus, infosec is an area where advancements pop up all the time, creating opportunities for improvement that overflow into other specific security aspects. Here’s one that Kaspersky believes companies could use paying more attention to:

Threat Intelligence is definitely the new trend in town, combining knowledge gained from regular sources, enriched with big data, in order to generate meaningful information about threat actors all around the world.”

The next generation of ethical hackers certainly has plenty of exciting challenges to tackle! Here’s one of the main opportunities aspiring hackers should look out for, according to Dan Demeter:

“Bug Bounty programs!

There are a lot of bug bounty programs that are now allowing ethical hackers try to break in and report bugs without being afraid of repercussions.

It’s an increasing trend of companies enrolling in these programs and handing out significant amounts of monies in pursuit of new bugs reports.

Recently, we also witnessed the news of white hat hackers who became millionaires, rewarded from bug bounty programs. We believe this will attract more and more people in this field.

There are so many interesting topics to address in cybersecurity which is what makes us really excited for this year’s conference! We’ve tried to include as many of them as possible in the event’s agenda.

Beyond discussing what goes on today, we need to figure out a plan for the future, as a community. That’s why we share Kaspersky’s perspective on this infosec topic we should talk about more frequently in this industry:

A safe experience for the young generation.

Teens need to be protected while browsing the internet and this should be achieved like any anything else in life: providing them as much knowledge as possible about the dangers of internet, guidance though their browsing experience and if necessary, monitoring their experience in order to make sure malicious individuals are not trying to target and take advantage of them.”

If you’re excited to see some of the best infosec specialists in the world live on stage at DefCamp, join us!

The Kaspersky team has a few recommendations to help you make the most of your experience at the conference:

“Meet new people, make new friends and enjoy the event!

Really, grab your tickets ASAP!

It’s an amazing experience where you can meet your old friends as well as catch up with the latest world class research.”

Save your spot for Nov. 7-8

Only 4 weeks left!

This year, we’re taking DefCamp to the next level with the help of our main, long-time partner, Orange. With support from IXIA – a Keysight Business, Secureworks, UiPath, Bit Sentinel, Thales, and other selected tech companies that value the power of community, we’re building valuable, hands-on learning experiences for 2000+ attendees from all over the world!

Join us to educate, secure, and change the world!

Meet our DefCamp 10 partners 2019

    Related articles​

    Securing the cloud: insights on threats, ..

    BY Adina Harabagiu
    There is no mystery that everything nowadays has a digital component. A growing number of companies are ..

    Striking a balance between security updates, ..

    BY Adina Harabagiu
    The world of cybersecurity is fast paced, there’s no denying it. Innovation is constant and threats are ..

    Pentesting: a tool for empowering – not ..

    BY Adina Harabagiu
    You’ve likely caught wind of this rising tide – offensive security, pentesting, and #RedTeams are not ..