This publication uses cookies

We use functional and analytical cookies to improve our website. In addition, third parties place tracking cookies to display personalised advertisements on social media. By clicking accept you consent to the placement of these cookies.

Visibility

If you can’t see it,

you can’t protect it

No matter which cloud service, hardware or software a company uses, there is always a security risk involved. After all, it can change and move with developments that take place within the organization. That’s why it’s vital to maintain an overview. “If you can’t see it, you can’t protect it”, says Stephen Corbiaux at Davinsi Labs.

With the roadmap in hand, you can get started with a robust IT security strategy. The vulnerabilities of the organization have been clearly mapped out, which makes the plan manageable. This not only helps the IT team but also raises awareness among employees and policymakers. With the roadmap you have clear guidelines for your employees and you can draw up an airtight cybersecurity policy. If a security breach could cost your organization a lot of money, then you have good arguments to free up budget for a solution. A win-win situation for every layer of the organization.

5. A cybersecurity roadmap provides guidance

4. From IT security assessment to roadmap

The assessment is an excellent basis for drafting the security roadmap. The roadmap will help to set a long-term strategy. An important part of this is a priority list. If a business process is at risk from a security breach, investigate the cost of that impact. These findings are the result of the interviews and technical scan. You compare these threats against a list of common threats in the information security world by, for instance, using the RAVIB method (Risk analysis for information security). By linking the CHANCE that an incident will occur to the IMPACT, you create a list of RISKS.

This method makes it possible to take appropriate measures to combat threats. These measures may be of an administrative or technical nature. If measures cover multiple threats and risks, move them up the list. You can also take the available budget and ambition level of your organization into account.

The next step in the assessment is to determine which cybersecurity measures have already been taken to avert the danger and to decide whether these are still sufficient. You determine whether the cybersecurity measures you have taken are still in line with the impact of the risks you have reassessed.

There is a good chance that you will need to fix some parts that are out of balance. The results of this assessment will provide you with a solid argument for making new investments in IT security. The results of scanning the network traffic really help with this; the location of the vulnerabilities will be there in black and white for all to see.

3. Mapping cybersecurity measures

2. Exposing vulnerabilities in IT architecture

With the list of business risks that was drawn up earlier, you look at the IT architecture and determine which IT components are associated with high-impact risks. Think of (parts of) the network, business applications (CRM or ERP) or a production environment that is equipped with IoT solutions and provides sensor data. Here it is useful to place a piece of software in the network that can monitor and scan the network traffic. That way, risks and vulnerabilities are automatically exposed and you collect technical evidence to support a theoretical framework.

Ideally, you start by establishing the primary business processes. Which processes give your organization the right to exist? Look at the products you develop and deliver, the services you offer, the customers or customer segments that generate the most value, which business applications support the primary processes and which information is indispensable. Consider the consequences if a primary database is breached.
When you calculate the probability of occurrence multiplied by the magnitude of the impact, you can rank the risks and prioritize them.

1. Establish cybersecurity priorities

Stephen CorbiauxSolution Lead Vulnerability Management at Davinsi Labs

"To improve the security posture, you have to focus on extra resilience. You do this by working on three main pillars: people, technology and processes.”

Why does the use of cloud solutions pose a potential security risk?
“Because the provider of the cloud service manages the platform for you, but not the cybersecurity. Today you can easily apply out-of-the box security to cloud services. With a solution for Intrusion Detection & Response, you can, for example, see who has logged into your cloud service from which location – and respond if necessary. Of course, it remains a challenge to focus time and expertise on doing something with the alerts that your security environment generates. So, companies often outsource that part, employing an IT partner to strengthen their security posture via a managed service.”

Case

ESA and Telindus: Pushing the frontiers of cybersecurity

Today, space systems and the data, products and services they provide are increasingly relied upon for supporting critical infrastructures and services, communication, scientific study, exploration, policy and decision-making. This increased reliance of society on space assets also increases their attractiveness as targets for adversaries. Telindus Luxemburg helps the European Space Agency (ESA) protect its assets and intellectual property, through automating penetration tests and increasing user awareness.

Marcus Wallum, Operations Data Systems Engineer at ESA: “ESA has a mature security governance framework with traceability from top-level regulations and directives to policies and implementation. This includes an accreditation and certification scheme, associated responsible roles and an ISO-27001 certified Information Security Management System.
Despite the increased focus, there is still much work to be done. For example raising sufficient awareness so that cybersecurity requirements are supported from the start of a program or mission and flown down to the engineering level.

”The PenBox permits to conduct generic penetration tests against a system in an easy and repeatable way for non-expert users, significantly lowering the cost and allowing repeatability of testing. Space mission-specific attack scenarios flag a potential real mission impact, greatly improving user and system-owner awareness."

Cybersecurity Assessment in 5 steps

A cybersecurity assessment provides insight into which security components are essential and enables you to monitor and improve the effectiveness of investments. 

Do you need direct insight into the status of your IT security? By answering just 12 questions, you can get a global picture of what stage your security is at as well as a personal report.

.

Security Maturity Quick Scan

Stephen Corbiaux

studied software engineering at Erasmushogeschool in Brussels and is Solution Lead Vulnerability Management at Davinsi Labs.

Building a modern network

Stephen Corbiaux, Solution Lead Vulnerability Management at Davinsi Labs:

“A modern network today is usually a hybrid environment: partly on premise, partly in the cloud. Often, new organizations no longer have their own infrastructure and work entirely in the cloud.”

You can generate new instances in the cloud with one click. It is impossible to inventory and manage such activities in the traditional way. However, the IT department must also provide the necessary support here. If you can’t see it, you can’t protect it. That is why visibility is essential, because it also provides insight into the possible dangers.”

Shadow IT is the term that refers to those IT activities that happen under the radar of the IT department – and whose security that department cannot guarantee. 
What do you see as the biggest risk there?

“Anyone with an e-mail address and a credit card can purchase a service in the cloud. The danger lies mainly in the data that ends up on those systems. But as a company you can't possibly seal everything hermetically. There is no magic solution to avoiding shadow IT. Above all, you need to communicate clearly about it: point out the dangers to raise awareness. At the same time, the IT department also needs to think about why people use shadow IT. Why does someone use an online file host? Perhaps because the solution the company provides doesn’t meet their needs.”

“The risks change over time, 
including the technology and the business context. 
You have to include all these elements in your cybersecurity.”

No matter which cloud service, hardware or software a company uses, there is always a security risk involved. After all, it can change and move with developments that take place within the organization. That’s why it’s vital to maintain an overview. “If you can’t see it, you can’t protect it”, says Stephen Corbiaux at Davinsi Labs.

you can’t protect it

If you can’t see it,

Visibility

The assessment is an excellent basis for drafting the security roadmap. The roadmap will help to set a long-term strategy. An important part of this is a priority list. If a business process is at risk from a security breach, investigate the cost of that impact. These findings are the result of the interviews and technical scan. You compare these threats against a list of common threats in the information security world by, for instance, using the RAVIB method (Risk analysis for information security). By linking the CHANCE that an incident will occur to the IMPACT, you create a list of RISKS.

This method makes it possible to take appropriate measures to combat threats. These measures may be of an administrative or technical nature. If measures cover multiple threats and risks, move them up the list. You can also take the available budget and ambition level of your organization into account.

4. From IT security assessment to roadmap

The next step in the assessment is to determine which cybersecurity measures have already been taken to avert the danger and to decide whether these are still sufficient. You determine whether the cybersecurity measures you have taken are still in line with the impact of the risks you have reassessed.

There is a good chance that you will need to fix some parts that are out of balance. The results of this assessment will provide you with a solid argument for making new investments in IT security. The results of scanning the network traffic really help with this; the location of the vulnerabilities will be there in black and white for all to see.

3. Mapping cybersecurity measures

With the list of business risks that was drawn up earlier, you look at the IT architecture and determine which IT components are associated with high-impact risks. Think of (parts of) the network, business applications (CRM or ERP) or a production environment that is equipped with IoT solutions and provides sensor data. Here it is useful to place a piece of software in the network that can monitor and scan the network traffic. That way, risks and vulnerabilities are automatically exposed and you collect technical evidence to support a theoretical framework.

2. Exposing vulnerabilities in IT architecture

Ideally, you start by establishing the primary business processes. Which processes give your organization the right to exist? Look at the products you develop and deliver, the services you offer, the customers or customer segments that generate the most value, which business applications support the primary processes and which information is indispensable. Consider the consequences if a primary database is breached.
When you calculate the probability of occurrence multiplied by the magnitude of the impact, you can rank the risks and prioritize them.

1. Establish cybersecurity priorities

Do you need direct insight into the status of your IT security? By answering just 12 questions, you can get a global picture of what stage your security is at as well as a personal report.

.

Security Maturity Quick Scan

Telindus Nederland is a Proximus Accelerator and provides global solutions in the area of ICT and telecom services to organizations and government services. The company specializes in landline and mobile telecommunication, ICT infrastructure, multicloud, Fintech solutions, cybersecurity and managed services.

Davinsi Labs is a Proximus Accelerator and helps companies achieve Digital Service Excellence through specialized Security Intelligence and Service Intelligence solutions. In today's digital world, customers expect their data to be managed with the utmost security and they want a fast, flawless customer experience. As a Managed Services Provider, Davinsi Labs offers a portfolio of solutions to achieve Digital Service Excellence for the most business critical applications and services.

Telindus Luxemburg is a Proximus Accelerator and provides global solutions in the area of ICT and telecom services to organizations and government services. The company specializes in landline and mobile telecommunication, ICT infrastructure, multicloud, Fintech solutions, cybersecurity and managed services.

Marcus Wallum gives a detailed report about cybersecurity in the aerospace industry and the PenBox system. 

Today, space systems and the data, products and services they provide are increasingly relied upon for supporting critical infrastructures and services, communication, scientific study, exploration, policy and decision-making. This increased reliance of society on space assets also increases their attractiveness as targets for adversaries. Telindus Luxemburg helps the European Space Agency (ESA) protect its assets and intellectual property, through automating penetration tests and increasing user awareness.

Marcus Wallum, Operations Data Systems Engineer at ESA: “ESA has a mature security governance framework with traceability from top-level regulations and directives to policies and implementation. This includes an accreditation and certification scheme, associated responsible roles and an ISO-27001 certified Information Security Management System.
Despite the increased focus, there is still much work to be done. For example raising sufficient awareness so that cybersecurity requirements are supported from the start of a program or mission and flown down to the engineering level.

”The PenBox permits to conduct generic penetration tests against a system in an easy and repeatable way for non-expert users, significantly lowering the cost and allowing repeatability of testing. Space mission-specific attack scenarios flag a potential real mission impact, greatly improving user and system-owner awareness."

ESA and Telindus: Pushing the frontiers of cybersecurity

Case

5. A cybersecurity roadmap provides guidance

With the roadmap in hand, you can get started with a robust IT security strategy. The vulnerabilities of the organization have been clearly mapped out, which makes the plan manageable. This not only helps the IT team but also raises awareness among employees and policymakers. With the roadmap you have clear guidelines for your employees and you can draw up an airtight cybersecurity policy. If a security breach could cost your organization a lot of money, then you have good arguments to free up budget for a solution. A win-win situation for every layer of the organization.

A cybersecurity assessment provides insight into which security components are essential and enables you to monitor and improve the effectiveness of investments. 

Cybersecurity Assessment in 5 steps

Why does the use of cloud solutions pose a potential security risk?
“Because the provider of the cloud service manages the platform for you, but not the cybersecurity. Today you can easily apply out-of-the box security to cloud services. With a solution for Intrusion Detection & Response, you can, for example, see who has logged into your cloud service from which location – and respond if necessary. Of course, it remains a challenge to focus time and expertise on doing something with the alerts that your security environment generates. So, companies often outsource that part, employing an IT partner to strengthen their security posture via a managed service.”

“The risks change over time, 
including the technology and the business context. 
You have to include all these elements in your cybersecurity.”

Stephen Corbiaux

studied software engineering at Erasmushogeschool in Brussels and is Solution Lead Vulnerability Management at Davinsi Labs.

Stephen Corbiaux, Solution Lead Vulnerability Management at Davinsi Labs:

“A modern network today is usually a hybrid environment: partly on premise, partly in the cloud. Often, new organizations no longer have their own infrastructure and work entirely in the cloud.”

You can generate new instances in the cloud with one click. It is impossible to inventory and manage such activities in the traditional way. However, the IT department must also provide the necessary support here. If you can’t see it, you can’t protect it. That is why visibility is essential, because it also provides insight into the possible dangers.”

Shadow IT is the term that refers to those IT activities that happen under the radar of the IT department – and whose security that department cannot guarantee. 
What do you see as the biggest risk there?

“Anyone with an e-mail address and a credit card can purchase a service in the cloud. The danger lies mainly in the data that ends up on those systems. But as a company you can't possibly seal everything hermetically. There is no magic solution to avoiding shadow IT. Above all, you need to communicate clearly about it: point out the dangers to raise awareness. At the same time, the IT department also needs to think about why people use shadow IT. Why does someone use an online file host? Perhaps because the solution the company provides doesn’t meet their needs.”

Building a modern network