Cegeka Careers Language Why Cegeka Back
Trinity of Innovation

5G, Artificial Intelligence and hybrid cloud: all breakthrough technologies in and by themselves. But their real potential?

Discover the future with us
Icons_Navigation_Cegeka&Society

Cegeka & Society

We develop innovative solutions with a positive impact on the environment, people, and society.

Icons_Navigation_Why Cegeka

Why Cegeka

As a family-owned IT solutions provider, we work In close cooperation with our customers.

Icons_Navigation_Our Story

About Us

Our strong values form the cornerstone of our identity and are at the baseline of our success.

Icons_Navigation_Annual Report

Annual Report

Dive into the details of our growth. Read the full report and learn more about our continued success.

More Cegeka

Our Management

Corporate News

Contact & Locations

Solutions Back
Solutions
Hybrid Cloud

Hybrid Cloud

Explore the added value of cloud adoption for your business

Data solution

Data & AI

Discover our different data solutions to help you become a data-driven company.

RegulatoryCompliance_Visuals_Navigation (1)

Regulatory Compliance

Ensure GDPR & GxP compliance with our comprehensive solutions.

Cyber Security & Networking Solution

Cyber Security & Networking

With cyber resilience, your organisation becomes a bit more secure with each day.

Digital Workplace Solution

Digital Workplace

Hybrid workplaces that increases productivity and reduces costs

Testing_Visuals_IconNavigation (1)

Testing Solutions

Experts in testing, program development, automation, training, and certification.

Applications Solution

Applications

Building the applications to embed growth, innovation and agility

Business Solutions

Business Solutions

Transform your business with Microsoft Dynamics ERP and CRM, integrated with Microsoft’s Power Platform.

website_navigation_dms_cegeka_uk

Disclosure Management System

Transformation and implementation of our information disclosure product

5G_Citymesh

5G & Mobile Private Networks

Expertise and development experience to bring all the advantages of 5G

Products and platform solutions

Products & Platforms

Software solutions that optimize business processes and drive success.

Services Back
Services
Website_Navigation_IT_Team_Extension_3

IT Team Extension

The best IT professionals to support your projects

AgileCoaching_Blog_The applicability of Agile and Scrum

Agile and DevOps Services

Your guide on your journey towards sustainable value delivery

Outsourcing Services

Outsourcing & Managed Services

Outsourcing your IT helps you to focus on your strategy.

Website_Navigation_Consultancy

Consultancy

The right skills and attitude to support the IT projects at your office

Website_Navigation_Projects

Projects

Integrating the right digital solutions for your IT project

Industries Back
Industries

Our industry-tailored services are designed to address specific challenges and opportunities across different industries

Website_Navigation_Finance_and_Insurance-1

Finance & Insurance

Take a major step towards cloud computing to increase effectiveness through the use of AI and big data.

Industries_Federal_Social_Government_Headervisual_General_1000x800px

Federal & Social Government

Embrace digitalization and harness the power of data to make citizens' lives easier, work smarter and boost efficiency.

Website_Navigation_Telecom_UK

Telecom

Unlock the potential of 5G and IoT to deliver faster, smarter, and more reliable services.

Insights Back
Knowledge is our backbone

We believe in sharing our insights and expertise with you. Explore our resources and learn more about our products, services and industry trends.

Icons_Navigation_Case Studies

Case Studies

Step into the world of our delighted customers and see how we helped them achieve their goals.

Icons_Navigation_News Items

Corporate News

Stay in the loop with our company news, announcements, awards and events.

Icons_Navigation_Blogs

Blogs

Read our latest articles on topics ranging from technology, innovation, business and beyond.

Icons_Navigation_Webinars

Webinars

Be part of the action with our live or on-demand webinars, where our experts share invaluable knowledge.

Icons_Navigation_Ebooks

E-books & Whitepapers

Download our guides and reports on various aspects of technology and business.

Icons_Navigation_Events

Events

Find out where we are going to be next, and register for our upcoming events.

CTG Academy

Academy

Enhance your skills with our expert-led training courses, tutorials, and certifications at our Academy.

Join our Academy
Back
Select language

English - United Kingdom

Corporate (English)

Austria (German)

Belgium (Dutch)

Belgium (French)

Denmark (English)

Germany (German)

Greece (Greek)

Italy (Italian)

Romania (English)

Sweden (English)

The Netherlands (Dutch)

United Kingdom (English)

Let’s get in touch
Cegeka Why Cegeka
Trinity of Innovation

5G, Artificial Intelligence and hybrid cloud: all breakthrough technologies in and by themselves. But their real potential?

Discover the future with us
Icons_Navigation_Cegeka&Society

Cegeka & Society

We develop innovative solutions with a positive impact on the environment, people, and society.

Icons_Navigation_Why Cegeka

Why Cegeka

As a family-owned IT solutions provider, we work In close cooperation with our customers.

Icons_Navigation_Our Story

About Us

Our strong values form the cornerstone of our identity and are at the baseline of our success.

Icons_Navigation_Annual Report

Annual Report

Dive into the details of our growth. Read the full report and learn more about our continued success.

More Cegeka

Our Management

Corporate News

Contact & Locations

Solutions
Solutions
Hybrid Cloud

Hybrid Cloud

Explore the added value of cloud adoption for your business

Data solution

Data & AI

Discover our different data solutions to help you become a data-driven company.

RegulatoryCompliance_Visuals_Navigation (1)

Regulatory Compliance

Ensure GDPR & GxP compliance with our comprehensive solutions.

Cyber Security & Networking Solution

Cyber Security & Networking

With cyber resilience, your organisation becomes a bit more secure with each day.

Digital Workplace Solution

Digital Workplace

Hybrid workplaces that increases productivity and reduces costs

Testing_Visuals_IconNavigation (1)

Testing Solutions

Experts in testing, program development, automation, training, and certification.

Applications Solution

Applications

Building the applications to embed growth, innovation and agility

Business Solutions

Business Solutions

Transform your business with Microsoft Dynamics ERP and CRM, integrated with Microsoft’s Power Platform.

website_navigation_dms_cegeka_uk

Disclosure Management System

Transformation and implementation of our information disclosure product

5G_Citymesh

5G & Mobile Private Networks

Expertise and development experience to bring all the advantages of 5G

Products and platform solutions

Products & Platforms

Software solutions that optimize business processes and drive success.

Services
Services
Website_Navigation_IT_Team_Extension_3

IT Team Extension

The best IT professionals to support your projects

AgileCoaching_Blog_The applicability of Agile and Scrum

Agile and DevOps Services

Your guide on your journey towards sustainable value delivery

Outsourcing Services

Outsourcing & Managed Services

Outsourcing your IT helps you to focus on your strategy.

Website_Navigation_Consultancy

Consultancy

The right skills and attitude to support the IT projects at your office

Website_Navigation_Projects

Projects

Integrating the right digital solutions for your IT project

Industries
Industries

Our industry-tailored services are designed to address specific challenges and opportunities across different industries

Website_Navigation_Finance_and_Insurance-1

Finance & Insurance

Take a major step towards cloud computing to increase effectiveness through the use of AI and big data.

Industries_Federal_Social_Government_Headervisual_General_1000x800px

Federal & Social Government

Embrace digitalization and harness the power of data to make citizens' lives easier, work smarter and boost efficiency.

Website_Navigation_Telecom_UK

Telecom

Unlock the potential of 5G and IoT to deliver faster, smarter, and more reliable services.

Insights
Knowledge is our backbone

We believe in sharing our insights and expertise with you. Explore our resources and learn more about our products, services and industry trends.

Icons_Navigation_Case Studies

Case Studies

Step into the world of our delighted customers and see how we helped them achieve their goals.

Icons_Navigation_News Items

Corporate News

Stay in the loop with our company news, announcements, awards and events.

Icons_Navigation_Blogs

Blogs

Read our latest articles on topics ranging from technology, innovation, business and beyond.

Icons_Navigation_Webinars

Webinars

Be part of the action with our live or on-demand webinars, where our experts share invaluable knowledge.

Icons_Navigation_Ebooks

E-books & Whitepapers

Download our guides and reports on various aspects of technology and business.

Icons_Navigation_Events

Events

Find out where we are going to be next, and register for our upcoming events.

CTG Academy

Academy

Enhance your skills with our expert-led training courses, tutorials, and certifications at our Academy.

Join our Academy
Corporate (English) Austria (German) Belgium (Dutch) Belgium (French) Denmark (English) Germany (German) Greece (Greek) Italy (Italian) Romania (English) Sweden (English) The Netherlands (Dutch) United Kingdom (English) Careers Let’s get in touch
Home Discover our latest blogs Discover our latest blogs Closing the Skill Gap: Strengthening Cybersecurity
Cyber Security & Networking
5 minutes reading

Closing the Skill Gap: Strengthening Cybersecurity

Once or twice a year I sit down with one of Cegeka's topical experts. During the summer, I had the chance to meet Fabrice Wynants, Cegeka’s Global Director of Cybersecurity.

Here are some of the topics we discussed:

  • the impact of COVID-19 on the security landscape;
  • how Belgian companies are doing in terms of “cyber hygiene”;
  • what all this means for current and future CISOs;
  • what low-hanging fruit companies still tend to overlook;
  • the biggest challenge for a successful security set-up;
  • and the secret of a functional response roadmap.

Muriel Reyserhove

Muriel Reyserhove

October 05, 2021

Fabrice, when we spoke last year, you had just joined the company and the COVID crisis erupted shortly afterwards. What has changed in the last year and a half?

Fabrice Wynants: “A lot of things – but if I had to pick one, it would be the huge increase in projects around Endpoint Detection & Response (EDR). The number of poorly secured endpoints has increased dramatically due to the growing number of remote workers. In most cases, working remotely means logging in through potentially insecure home connections to all kinds of systems and applications, both on the corporate network and directly to applications in the cloud.”

“Making these endpoints as secure as possible, in an affordable and easily scalable manner, is the main priority now. And that makes sense, because flexible, hybrid working is here to stay. You cannot boil the ocean, I always say. But EDR is the logical and practical first step in when you want to start tackling endpoint security. At Cegeka we also offer Managed Detection & Response (MDR), where all the steps – from monitoring to response – are carried out by our Security Operations Centre. There is high demand for this, too, as EDR tools are usually quite complex. That means you really need experts to get the best out of them.”

Fabrice Wynants - Cyber security

“Cyber hygiene” is a term that denotes cybersecurity best practice – so does this mean that companies generally have good cyber hygiene now?

Fabrice Wynants: “I wish I could say yes, but it's not what we are seeing in the field. Why is that? Security operations are going through a maturation process, moving away from the purely technical narrative. Security has long focused on implementing point solutions to address specific problems. This has resulted in a system with too many point solutions that interact with each other, are not used to their full potential and give rise to a complex and expensive environment that is hard to manage.”

"Security has long focused on implementing point solutions to address specific problems."

 

Fabrice Wynants, Cegeka’s Global Director of Cybersecurity

“Rationalising that security landscape is an important task for CISOs. In a recent report, Gartner even identified vendor consolidation as one of the big trends for 2021. That means replacing various tools with a single tool – such as EDR – but also identifying which functionalities in existing tools are underused. The challenge here is that consolidation projects are often complex and can take a long time. This too is an area where Cegeka can help to speed things up.”

What impact does this have on the CISO? Because they have to speak the language of the business, right?

Fabrice Wynants: “Absolutely. Gartner also mentioned this as a trend for 2021: more cyber-savvy boards. And that means more business-savvy CISOs. Nowadays, cybersecurity is important at all levels; it really permeates throughout the entire organization, both in terms of infrastructure and applications. CISOs must be able to pinpoint exactly where the organization's most important assets are located and what the impact of an incident or breach would be at different levels: operational, financial, regulatory and reputational. That's what the board is interested in, not the tooling or technology.”

"Gartner mentioned this as a trend for 2021: more cyber-savvy boards. And that means more business-savvy CISOs."

 

Fabrice Wynants, Cegeka’s Global Director of Cybersecurity

What are the most common mistakes organizations are making today? Is there any low-hanging fruit that they are missing? Or pitfalls that they should avoid?

Fabrice Wynants: “As I mentioned earlier, it is important for companies to pay sufficient attention to their cyber hygiene, which is not always the case right now. Patching, vulnerability management, multi-factor authentication... you'd be surprised how many companies are still lagging behind in these fields. And to return to the topic of EDR: to pay sufficient attention to the “R” in that story, i.e. the response part. Companies typically focus on early detection of potential incidents or breaches. But you also have to set the right response parameters, and people sometimes seem to forget that. It's like installing a fancy surveillance system with infrared cameras everywhere, but without functionality to alert the police.”

“One area of concern is the increase in public cloud-based workloads, with organizations often making the mistake of not giving security enough thought. They do implement traditional infrastructure-based security measures, but they are nowhere near enough. With hybrid and multi-cloud environments – something we’re very familiar with at Cegeka – it is crucial to add the integrated security capabilities of the cloud environment itself. Azure Cloud, for example, has very specific security features which offer a higher level of integrated security.”

Fabrice Wynants - Cyber security

What do you think is the biggest focus in cybersecurity right now?

Fabrice Wynants: “The growing lack of skills. This has an impact on both companies and their suppliers. On the one hand, there is a need for people with business-savvy security skills – which often means senior profiles – in other words, a limited group. On the other hand, you can also ask yourself if your technical staff still have the right technical skills. So it's a race on two fronts: firstly to find and retain talent, and secondly to ensure that people are kept up to speed through continuous learning.”

“At Cegeka, we tackle this challenge in different ways – for example, through highly targeted recruitment and intensive learning paths for everyone, from young graduates to senior managers. Another solution is to use security automation, especially for relatively standard and/or repetitive tasks that are time-consuming. Many of the actions in the context of Detection & Response can be automated, which gives your people the flexibility to focus on the more sophisticated analyses.”

"One solution to tackle the lack of skills is to use security automation, especially for standard and repetitive tasks."

 

Fabrice Wynants, Cegeka’s Global Director of Cybersecurity

Is cybercrime inevitable? Will everyone have to deal with it sooner or later? And what can companies do to minimise the risks?

Fabrice Wynants: “It's not inevitable, but it's becoming a bit of an unfair battle. Cybercrime is big business: it's professionally managed, with different teams for different steps – even a help desk – and big budgets. They usually only need a small gap to enter a system and do damage. Companies are not always prepared for this, and even large corporations that throw a lot of money at security are not invincible.”

“My advice is always this: focus on the stuff that matters. Or to come back to what I said at the start of this conversation, you can't boil the ocean. In other words, it is crucial that you know exactly what your critical processes and assets are and that you use a well-organized Detection & Response programme, whether or not managed by an external SOC. With that and a decent cyber-hygiene set-up, and you are well on your way.”

“And last but not least: simulate, simulate, simulate! From targeted phishing simulations for your internal staff to fully developed exercises that thoroughly test your response roadmap. Then everyone knows what to do, what actions to take, who to call, how and when to communicate and what steps to take in case of recovery: it really makes all the difference.”

Finally, what is the secret of a successful response roadmap?

Fabrice Wynants: “The difference between IT operations and security operations – if any difference still exists – is getting smaller and a good response plan hinges on how quickly you can act on the spot and implement the right expertise across a wide playing field, both in terms of applications and infrastructure and in a hybrid or multi-cloud environment. Security and IT have to cooperate at lightning speed and with absolute precision whenever a response is needed.”

Muriel Reyserhove

Muriel Reyserhove

More of Muriel Reyserhove articles

Get in touch