Ransomware

Interview With Krzysztof Olejniczak On Emerging Threats

From to extended reality (XR), Krzysztof emphasizes the necessity for adaptable security strategies to counter evolving cyber threats. 

by Avantika Chopra March 26, 2024 in Firewall Daily, Interviews Reading Time: 7 mins read 0

587 SHARES 3.3k VIEWS Share on LinkedInShare on Twitter

Introducing , the Chief Information Security Officer (CISO) at STX Next, in an exclusive interview with The Cyber Express. With a profound understanding of cybersecurity's evolving space, Krzysztof shares his visionary outlook on the future of cybersecurity and offers insights into navigating the complexities of emerging technologies.

With nearly 20 years of expertise in the technology sector, including roles as VP of Cyber Risk Services at Sysnet Global Solutions and Director for the EMEA region at Online Business System, Krzysztof brings a wealth of experience to the table. Additionally, his tenure as a lecturer at the Poznan School of Banking underscores his deep understanding of the field. From quantum computing to extended reality (XR), Krzysztof emphasizes the necessity for adaptable security strategies to counter evolving cyber threats.

Krzysztof Olejniczak's interview highlights the human aspect of cybersecurity, advocating for proactive measures such as regular employee training and robust incident response planning.

His approach extends to addressing advanced techniques like deep learning and generative adversarial networks (GANs), highlighting the importance of staying ahead of sophisticated cyber threats.

Krzysztof also delves into key considerations for securing IoT ecosystems, harnessing the potential of AI and ML in cybersecurity defense mechanisms, and navigating the challenges posed by cloud computing and remote work.

As the cybersecurity landscape continues to evolve with edge computing and decentralized architectures, Krzysztof's adaptable strategies and human-centric approach serve as a steadfast protector of our digital ecosystems.

Krzysztof Olejniczak Interview Excerpt

Q1. Looking ahead, how do you envision the future of cybersecurity evolving, particularly in response to emerging technologies such as quantum computing and extended reality (XR)?

Cybersecurity is a continuous process – organizations can be secure one moment, then compromised the next. Every minute hackers, security researchers, or even criminals are developing new and more sophisticated methods of attack.  

Businesses must continuously change their approach to security to adapt to an ever-changing threat landscape. And new technologies, such as QC and XR, are elements of this constant change. For example, QC and computing power will allow organizations to evolve standard cryptography algorithms by providing cryptology research or simply by using brute force.

Some of the currently used cryptographic algorithms are based on the fact that computing systems are not able to deal with specific problems (essentially, big numbers). QC will change that, and also create new opportunities to build much more sophisticated cryptography algorithms which will actually allow us to better protect stored data.  

 We already have a concept of post-quantum cryptography (PQC) which involves developing quantum-resistant algorithms. Each change is an equal threat to the current status quo but can also bring innovation in the space and I strongly believe there is a vast sea of new opportunities.  

Q2. As cyber threats continue to evolve, what proactive measures should companies take to stay ahead of hackers who are increasingly leveraging advanced techniques such as deep learning and generative adversarial networks (GANs)?

Hackers are leveraging advanced techniques, and in response, companies should do the same when it comes to their own security. However, when looking at security holistically the first and most important aspect is the human aspect. Companies should regularly train employees on security best practices and the latest cyber threat trends. Simulated phishing or incident exercises can help prepare employees to recognize and avoid sophisticated attacks. 

Another element is simplifying incident response processes. Incidents will happen sooner or later, what's important is for the company to respond to them in the most efficient way that will significantly reduce the event's negative impact. Developing and routinely updating an incident response plan ensures a rapid reaction to any security breaches, minimizing impact and downtime as well as the negative PR effect. 

It's also vital to review your security architecture.  Consider implementing concepts like “zero trust architecture”, where trust is never implicitly given and verification is required from everyone trying to access resources on the network, regardless of their location. 

Do not forget about good security engineering practices. This includes Multi-factor authentication (MFA), segmenting your network, regular patching and updating to address known vulnerabilities and using threat Intelligence sources to stay ahead of security events. 

Finally, businesses should employ new technologies to improve their security. Artificial Intelligence (AI) and Machine Learning (ML) are ideal for log reviews and the correlation of events, while threat modeling and threat detection analyze your company's position regularly as security is a process, not a project. 

Q3. With the proliferation of connected devices in the Internet of Things (IoT) ecosystem, what considerations should companies keep in mind to ensure the security of their networks and data against IoT-based attacks?

The IoT ecosystem is challenging from a security perspective. Quite often devices recently connected to networks use old or outdated technologies, as vendors tend to focus more on functionality than security. This is slowly changing, but we still see new devices coming to market that use old or vulnerable versions of software. 

To tackle this challenge, organizations should classify their IoT ecosystem and perform a threat analysis. This helps them understand what data devices have, how they can negatively impact security, and identify what the worst-case scenario may be.  

Companies should also prioritize effective network segmentation. This involves placing IoT devices on dedicated network locations so any vulnerabilities or negative impact is isolated to that network only. Businesses should then test network segmentation once a year at the very least (ideally bi-annually and after any change) to ensure it's effective. 

Additionally, do not instantly assume any device is secure. Ensure that devices are hardened, set up strong passwords, disable or change default passwords and access codes, update hardware with the latest vendor-provided patches, versions of firmware and software, enable security functions like TLS or HTTPs and other security protocols and disable insecure protocols. These are old-school engineering practices but they still work in the current environment. Security is multi-dimensional, so ensure that all layers are addressed. 

Q4. How do you foresee the role of artificial intelligence (AI) and machine learning (ML) expanding in cybersecurity defence mechanisms, and what challenges may arise with the adoption of AI-driven security solutions?

We are super excited to see how AI and ML will change defensive security elements. This technology is opening a range of opportunities that companies should integrate with the most important aspects of their security infrastructure. The natural element where AI and ML can be employed is to analyze large data structures, search for patterns, and detect new threats. All these aspects allow companies to detect potentially dangerous events, correlate data, build structures, and understand more and more complex patterns of behavior.  

Obviously, the future of AI and ML is exciting, but there is work to do before this technology is deployed en masse.: Models need to be trained which is labor intensive, the quality of data used for training models is often lacking, false positives or false negatives are an inevitability, and there are a number of regulatory and compliance regulations to contend with.   

Q5. With the increasing reliance on cloud computing and remote work, what strategies should companies employ to secure their cloud environments and remote access points from cyber threats?

Train your personnel to be security savvy. Make them aware that hackers are everywhere.  Harden endpoints by ensuring devices employees use for remote working are secure. This begins by encrypting drives to protect company data when a device is lost or stolen and patching devices as often as possible, not only with OS patches but also application patches.

Companies can also employ Endpoint Detection and Response (EDR) solutions to monitor and respond to endpoint cyber threats, providing another layer of defence against sophisticated attacks. Similarly, enforcing cloud synchronization services ensures data is stored at centralized company servers, not on end-user devices. 

Q6. How can companies adapt their cybersecurity strategies to address the expanding attack surface created by the adoption of edge computing and decentralized architectures?

Decentralized architectures and edge computing are trends that have been influencing the market for almost two decades. It's more flexible to employ decentralized architectures, as this eliminates single points of failure. 

Centralized architecture involves creating a single line of defence that takes a lot of investment to build, but is easier to maintain once set up. Decentralized architecture is where you tailor security to different aspects of the organization. While this is easier to put in place, it is much harder to maintain as each security measure is different and varies in complexity. 

Source

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button