Bremtane Moudjeb studied computer science and has worked for over eleven years at Cisco Switzerland. He has led the cybersecurity team there since October 2016. He answers questions in terms of IT security for telework.
This crisis caused many employees to suddenly switch to teleworking. What are the security consequences?
Bremtane Moudjeb: As we had to go very quickly, the security questions posed by videoconferences were not an immediate priority. The health of employees was deemed more important, and rightly so. But now is the time for companies to decide how they want to approach the future.
Will telework become the norm?
It’s a possibility. IT players have been working for years on solutions that work remotely and enable or facilitate virtual meetings, regardless of location and available equipment. These solutions are now being put into practice. When we talk about security, the question is not really whether an employee works from home; rather, it is about protecting the business as a whole and its business model. Companies must develop a comprehensive approach to security that maintains the stability of their processes and protects employees, even when they work outside the geographical scope of the company – at a customer, on the move or at home.
What does this mean in concrete terms?
The security of a shared communication infrastructure must be directly linked to network security. At the same time, all of the company’s systems must be continuously updated. Strong authentication, web and DNS security, VPNs, all of these tools should be part of standard enterprise protection. For all applications.
There has been much debate on the security of videoconferences. What is really important?
The vendor must include security and privacy in the development process, as Cisco does with the Software Development Lifecycle (SDLC). Webex is thus a turnkey solution, configured for optimal security. New functions should only be added after checking their security implications. The bare minimum is a combination of single sign-on (SSO) and strong authentication (Multi-Factor Authentication), for example on a smartphone, to add an extra layer of security. Conferences must be encrypted and no data relating to users must be transmitted to third parties. Companies must invest in a solution that matches the sensitivity of the information and data exchanged. Without forgetting that it is essential to show openness and transparency regarding possible security vulnerabilities for the solution to inspire confidence.
How can companies who want to develop a cybersecurity strategy do this?
Before even embarking on the development of a cybersecurity strategy, they must first understand and assess their resources, the places where they work and their information consumption model, as well as the challenges in terms of protection of personal data and compliance associated with it. We often forget an element, which is however fundamental: in the digital world, your resources, your employees and your applications must be protected on all types of device, everywhere and permanently.
Security is an extremely complex issue. Is AI the only cure?
Artificial intelligence, machine learning and automation are essential drivers of network security. The number of threats hiding in encrypted data streams is increasing. Machine learning helps to recognize these threats using behavioral models. Artificial intelligence learns to identify what is legitimate data traffic and recognizes patterns specific to attacks. It also allows for better quality meetings where administrators and attendees can focus on content rather than administrative tasks, such as writing minutes.
Do we still need humans for cybersecurity?
Absolutely. Artificial intelligence and machine learning save IT team security experts time; they can then devote themselves entirely to questions of strategy and resilience, such as the active search for threats (Threat Hunting). Conventional solutions only react to threats they recognize, while Threat Hunting also analyzes what is unknown. We can thus discover new malicious programs and security vulnerabilities. Regularly searching for threats can reduce the number of potential threat vectors.
–
