Header image overlay

Retrospective Cybersecurity Star Lunch: Current challenges, brought interactively

Cybersecurity has evolved from a purely technical IT concern to a strategic priority affecting every department. More and more organisations are finding that security is not only about protection, but also about facilitating growth and innovation. To explore this shift, we organised an exclusive Cybersecurity Star Lunch with Fortinet last week at two-star restaurant De Slagmolen in Oudsbergen.

Together with Cybersecurity Evangelist Patrick Commers (Fortinet), we explored current challenges and effective strategies that fit today's reality.

Recurring Cybersecurity themes

The event became an interactive trade discussion on current cybersecurity challenges. Our new CEO, Joachim Lauwers, kicked off with a brief introduction about VanRoey. We then took the bold decision to continue the day without a PowerPoint presentation. 'What are the biggest cybersecurity challenges within your organisation?' - This input formed the basis for a lively dialogue between our participants and Security Evangelist Patrick Commers from Fortinet.

Some recurring themes that emerged were:

  • Control and overview: As IT becomes more complex, companies are looking for ways to better monitor and control their systems.
  • Secure connections for hybrid work: With many employees working flexibly, reliable networks are essential to provide secure access to company systems from anywhere.
  • Shadow IT and awareness: Employees often use tools out of IT's sight, which obviously poses risks. Creating awareness among end users is therefore a key pillar in security.
  • Risk management and compliance with NIS-2: The new NIS-2 directive emphasises the importance of cybersecurity for organisations, especially in critical sectors. Besides increasing the security of their own infrastructure, companies must also strengthen security within their supply chain. This means that organisations that want to be NIS-2-compliant may start imposing security audits on their suppliers. By taking the right measures, companies can not only comply with legislation but also gain a competitive advantage.
  • Complexity of security: You can't defend against threats you don't see, so many incidents go unnoticed (IT gap). Skilled IT personnel are scarce, and there is no all-encompassing solution. A platform approach helps protect, detect and respond through automation, easing the workload on your limited IT team. Moreover, it is crucial to determine which core competences you manage internally and which are better outsourced to a partner such as VanRoey (e.g. via Managed Services).
  • The IT gap: The increasing difficulty of finding qualified staff is a major challenge for many organisations. However, an integrated approach offers a win-win in both directions: not only does it relieve limited IT teams, but it also creates a secure working structure. Regardless of where business applications reside (on-premises, in the cloud, or hybrid), connections must always be secure. This is crucial, especially with the increase in working outside the organisation since COVID. Solutions such as the SASE framework and SD-WAN optimally ensure these secure connections.

Convergence of IT and OT

During the session, participants highlighted the growing challenges around the convergence of IT and OT. Where previously only IT required security, now operational technologies, such as production machines and networks, are also connected to IT systems. This evolution brings new risks. A cyber incident could affect the entire business today, sometimes even with physical consequences.

Together with Fortinet, we offer solutions specifically designed for this convergence, securing both IT and OT environments in an integrated way. This kind of technology ensures that companies reap the benefits of digitisation without compromising security.

For manufacturing companies, we see 3 main challenges:

  1. Increasing complexity: The 'merging' of IT and OT networks makes systems more complex and difficult to manage, which logically leads to new security risks.
  2. Advanced malware: Targeted ransomware attacks such as LockBit which can significantly disrupt production processes with major financial consequences.
  3. Regulation: With the introduction of NIS2 guidelines, among others, your current security protocols need to be taken firmly in hand.

The topic 'OT-Security' was discussed in detail at our OT Security Lunch, at the end of April 2024, in Mechelen. Read the retrospective report here of this event.

AI: A double-edged sword in Cybercrime

Artificial Intelligence (AI) is on its way to becoming a powerful tool within cybersecurity. It can help to detect threats quickly, such as anomalies in network traffic, making risks visible early. But as our participants pointed out, AI also has a downside. Cybercriminals use AI to refine their attacks and make them harder to detect. So it is essential to deploy AI smartly and carefully. Our partnership with Fortinet ensures that companies can rely on advanced AI solutions that detect threats without introducing new risks.

 

The impact of NIS2 and Next Steps

NIS2-Sector-Circle

Since 18 October 2024, it applies to a wider range of sectors, such as manufacturing and logistics, and emphasises the importance of structural cybersecurity. The directive offers organisations not only compliance, but also a strategic advantage: companies that comply with NIS2 strengthen their trust with customers and partners and increase their resilience against digital threats.

The added value and implications of NIS2

NIS2 helps companies further professionalise their cybersecurity, which means more than complying with legal requirements. The round table highlighted how this compliance provides opportunities to improve security processes and proactively manage risk, especially through new technologies such as AI-driven detection and zero-trust networks. Working with partners and betting on innovation ensures that companies are not only compliant with NIS2, but also stronger in a dynamic threat landscape.

What does the new European Directive entail? More info on NIS2 can be found here.

VanRoey and Fortinet: your partners in (Cyber)crime

Our partnership with Fortinet offers companies a proven, strategic approach to strengthening their cybersecurity. From hybrid working to protecting OT systems, and from AI-driven detection to risk management and compliance, we deliver solutions that fit your organisation's scale and needs. Fortinet differentiates itself with its unique platform approach, where all security solutions are integrated on one central platform. This integration and automation of detection, response, and protection mechanisms unburdens the limited IT security team and increases efficiency. With Fortinet technologies such as zero-trust networking and secure access service edge (SASE), we make secure and future-proof IT environments accessible to businesses of all sizes.Fortinet Expert Partner | VanRoey.be

Wondering how we can support your organisation and IT team? Contact us.

vat no.*

"There are no miracle solutions to reduce the complexity of cybersecurity. Adopting a platform where automation and integration are key. "

share this post:

Ready for NIS2?
Our specialists take a close look at your organisation's security with a particularly thorough scan.
Since 18 October, NIS-2 is officially in force! Together with our partners, we are organising a Cybersecurity Workshop on 30/01 to share practical insights and tools that you can apply immediately to protect your organisation and become NIS-2-compliant.