Cybersecurity is becoming an increasingly central facet of national security strategy. Within this realm the HIMAYA team met with Jakob S. Fonsbøl, Business Development Manager at CSIS Security Group. CSIS Security Group is an independent cyber security provider protecting some of the world’s largest enterprise organisations. CSIS mitigates security risk with a range of preventive security products, as well as incident response and managed security services. With over 15 years’ experience in IT and cyber security Jakob has shared keen insight in the trends and threats covering the cyber security landscape.

How are cybersecurity companies adjusting to an era of widespread hacking and threats?
As a modern Security company you need to realize that it is important you can work with competitors to give the customers the best possible service. Beside of that it is important to have infrastructure in place that assist you to collect local intelligence, fast and efficient.

How are you preparing your customers?
We make them understand that every company will be compromised at some point. What really matters is how fast you can detect and mitigate the risk

What is your vision for the business and what do you see as important for the development of the industry?
Our vision is to be the best at what we do and work with other vendors where it is needed and make more sense from the customer’s perspective.

What new technologies and cyber risks are coming down the pike for organizations of all sizes?
It is difficult to predict the future, however, something indicates that social engineering (sometimes combined with malware) is something every company needs to prepare for (e.g. CEO/vendor fraud). In general IT-criminals has become more creative and patient. A technology I think we will see more in use in the future, is ransomware for mobile devices.

What are the biggest challenges government agencies in particular are facing in the digital transformation?
IT-criminals don’t care about borders. They can be in any country around the world while they attack a company somewhere else. It is almost risk free to be an IT-criminal and they know it.

How should banks use Threat Intelligence collaboration and what’s in it for them?
If we want to fight IT-criminals and make it less attractive to become one, we need collaborate. Some of the best results in fighting IT-criminals comes through collaboration.

How does the MENA region compare to other regions when it comes to the number and cost of cyber-attacks? Which industries are the most targeted?
Financial, Energy and Oil sector. It’s difficult to say anything about cost as this region is not as open as other regions, when it comes to sharing and reporting cyber-attacks. But seen from malware infection point of view this region is average compared to other regions.

As investment in security tech seems to be peaking again, what are the greatest opportunities and pitfalls for companies and governments?
The greatest opportunity is that it generates lots of competition amongst cybersecurity companies, which not only is reflected on pricing but also quality. Pitfall is that it can be difficult to navigate and select the right vendor.

Finally, what would be the top 5 IT security priorities you recommend customers to put in place for 2018?

1. Incident response procedure
2. Business continuity plan
3. 24/7 detection and response services (Security Analytics Centre)
4. GDPR implementation
5. Threat intelligence platform