Expert Advice: Ensuring Business Continuity against Today's Cybersecurity Risks

Vasile Bota's insights on today's most crucial cybersecurity threats, how to address them, and how we ensure business continuity for our clients.

As companies continue to adopt digitalisation, interconnected systems and remote work solutions to increase their agility and efficiency, they're continually opening new attack surfaces for bad actors. Year by year, cybersecurity grows both in complexity and importance. Organisations need comprehensive, end-to-end security solutions and expert advice.

In this interview, Vasile Bota, Cybersecurity Portfolio Service Owner at Accesa, shares his insights on the most crucial cybersecurity threats today's organisations face, how best to address them, and how Accesa as a whole supports companies in ensuring business continuity.

1. What is the most significant challenge organisations face when securing their digital assets?

In today's context in the EU, cybersecurity for medium and large organisations has changed, becoming much more complex than it was 4 to 5 years ago. These are just a few new areas to focus on: remote workforce, ransomware resilience, cloud dependencies, supply chain, IoT device integration, compliance in the context of GDPR, NIS2, DORA or CRA and more recently, AI systems security.

All of these have added an extra layer of complexity to the organisation's cybersecurity. The biggest impact is at the management level, where the Chief Information Security Officer (CISO) must now handle technical and compliance/legal aspects. The complexity facing CISOs today represents a fundamental challenge that spans technical and compliance domains. A "today" CISO must manage a diverse technology stack with a wide security toolbox and a constantly expanding attack surface in combination with more sophisticated threats. In addition, managing compliance with new regulations, each with its own technical requirements, documentation and reporting obligations, requires a new set of skills for modern CISOs.

To manage the complexity, a successful CISO must adopt a unified control framework that addresses both security and compliance requirements. Also, automating compliance, building cross-functional teams and establishing clear communication channels between technical, legal, and business teams are crucial for modern CISOs.

This won't change soon, either. If anything, with new technologies emerging and regulatory frameworks expanding, CISOs will need to continue developing more sophisticated approaches to managing this interconnected landscape of technical and compliance requirements. There's a growing trend among organisations to split these responsibilities, and besides CISOs, we also see Compliance Managers or Data Protection Officers.

2. Are there any industry-specific threats that businesses should be aware of?

Modern attacks are more sophisticated, even state-sponsored, with unlimited budgets. They're executed in long-term campaigns focused on critical systems like core banking, SWIFT and inter-banking networks.

The Financial industry, for example, is experiencing attacks targeting real-time payment systems, SEPA transactions and manipulation of transaction monitoring systems to bypass AML controls.

Similarly, the Retail industry is also targeted with specific attacks like malware targeting POS terminals and payment processing systems, exploiting e-commerce platform vulnerabilities, and manipulating inventory and supply-chain systems.

The Manufacturing industry has recently been targeted with attacks specifically designed for OT systems, such as the exploitation of legacy industrial equipment. The most common targets are IT-OT gateways, connected sensors and automation systems.

3. What is the most effective way for companies to avoid potential security threats?

It's extremely important for organisations to have a comprehensive security program that incorporates a risk-based strategy aligned with business objectives. The program must also cover continuous assessment, regular penetration testing, security monitoring, and clear incident response procedures.

But a single measure won't solve the problem. Businesses need a set of measures, and I would also consider:

  • Strong Access Control measures with Zero-Trust, PIM, MFA, RBAC and regular user access audits.

  • Supply-chain or Third-Party Risk Management measures with vendor assessments, clear security requirements in contracts or incident response coordination.

  • Measures to build a security culture in the organisation through continuous employee awareness training and security exercises to validate the policies and procedures.

And on top of all these is the question of effectiveness. These measures must be integrated into business processes, and the organisation's executive layers need to support and allocate the necessary resources.

The whole business must commit to following a strong technical security controls framework like CIS CSC or NIST CSF. Executives should also consider proactive measures (awareness, continuous assessment, regular penetration testing) and reactive measures (monitoring and incident response).

4. When is creating a Security Operations Center the best option for protecting data?

Attacks are more ingenious, and attackers are more resourceful than ever. An organisation can only rely so much on proactive measures, such as preparing, organising, and testing, and hoping that's enough.

A proper security program will focus on detecting alerts and responding to incidents. Usually, these functions are offered by a Security Operations Center (SOC) service, and the need to employ one depends on the organisation's size, specific industry, and regulatory requirements. A SOC can help organisations meet the compliance requirements of NIS2, DORA, or CRA and avoid hefty fines.

Businesses can choose to build a SOC in-house or acquire it as-a-Service from a third-party provider. The decision highly depends on the organisation's size and the cybersecurity budget it's willing to invest in. Accesa can support organisations in building their own SOC from scratch into their infrastructure with their tools of choice or offer SOC-as-a-Service based on Microsoft technologies. We've also developed a consultative approach to help our customers find the best option for their needs.

5. What key aspects of a company's cybersecurity posture do you focus on most when providing consultancy?

Many factors impact an organisation's cybersecurity posture. A strong program will ensure a posture that protects and gives both customers and employees confidence in the business. However, choosing the right controls to focus on and deciding the right importance to give each control is not easy.

Accesa's cybersecurity consultancy solution is designed to help organisations assess their maturity based on a clear methodology following CIS Critical Security Controls and specific benchmarks. With this validated approach, we evaluate key aspects of a company's cybersecurity posture and perform a comprehensive risk assessment. Afterwards, we align risks with business, determine priorities and offer personalised mitigation recommendations.

Is your organisation prepared to face every risk? Get in touch and discover how our cybersecurity experts can help you ensure business continuity.