The digital security of companies revolves around IT hygiene

Source: Financieele Dagblad

A workplace must be clean, tidy and orderly. Tools must be in the right place, organised and without clutter or loose parts. Otherwise, accidents will happen. This principle also applies to the digital environment in which a company operates. The basics must be in order, otherwise every business management system is vulnerable to attack.

Basic hygiene must be in order to optimise the use of an IT environment and ensure its security, and to minimise the impact of a cybersecurity attack. Business operations are becoming increasingly digital and contain more and richer data. Yet when it comes to IT management in organisations and solving issues, a quick fix is too often chosen without looking at the underlying causes and the consequences associated with it. This regularly creates security risks because a quick fix can easily undermine a well-thought-out security strategy and implementation. That is the opinion of two experts from Ctac, who each contribute to the digital security of companies and institutions in their own field. Ctac is responsible for the security of a large number of Microsoft and SAP customers. They manage the security of the environments for these organisations, making them a major player in the field of cyber security and cloud management.

‘Security should actually be positioned horizontally throughout the organisation. It is important to be proactive, and therefore not just check on digital security every six months. It is a process of constant monitoring. We do, however, keep an eye on a company’s business management. We monitor, but actually try to work invisibly for a company.’ The speaker is Vincent Mejan, business development manager Digital Experience at Ctac. Both Van Beinum and Mejan agree: digital resilience is important. Ctac ensures that damage is repaired quickly, that improvements are implemented with clear communication and that the IT system is made stronger after an attack.

Artificial intelligence, or AI, is evolving at lightning speed and all kinds of attack variants will therefore be able to emerge from it. ‘Previously, we had what you might call technical attacks, but this is evolving into functional attacks. This involves a type of attack in which thousands of files, invoices or orders can be changed or rewritten in a company without the company even being aware of it. This makes the company susceptible to blackmail and it can be held to ransom digitally. You would need to employ a very observant tech-savvy IT manager to detect this. We are now also looking at how we can arm companies with AI against these types of attacks,’ says Van Beinum.

Functional-level security is therefore essential in such a scenario, the two Ctac experts are convinced. Another important aspect that is increasingly coming to the fore when it comes to cybersecurity is compliance. European regulations and guidelines are becoming increasingly strict and complex, especially with the NIS2 regulation that is about to be introduced in Europe. ‘It is important for every customer, especially because we are talking about a chain here. As a company, you are never an entity in itself; everyone is connected to everything. Customers, suppliers, consumers, etc.