Video
Podcast | Cyber trends – what should we know?
Cyber security is a process that we need to approach comprehensively. On-the-spot action can give the illusion that ‘som...
Podcast | How to keep your company safe at low cost?
On his dual role as the head of the Cyber Security and IT Departments and how to orchestrate the operation of 14 teams to work well together. What problems do customers report to us and what services should we invest in to ensure organization’s security? – This topics will be addressed by Karol Wróbel, director of the Cyber Security and IT Department.
October is the European Cybersecurity Month. Just like every previous year, EXATEL uses this time to popularise the knowledge about the safety in cyber space. Our goal is to not only warn against the potential threats, but also to promote responsible use of the network. As part of my podcast series, I will talk with experts from the cyber security department about trends and threats in the security area and how EXATEL deals with them. Sylwia Buźniak, Senior HR Business Partner EXATEL. Let’s begin.
[00:00:33]
Hello everyone. In today’s guest is Karol Wróbel, director of the cyber security and IT department at EXATEL. Hi Karol.
- Hi Sylwia.
Karol, since this is the first time we have a chance of talking in this format, I’d like to ask you first, what you’re up to now professionally?
- Well, some things have changed in my life at EXATEL. For three and a half years I have been the head of the cyber security department, but since the beginning of this year I’m also the head of the IT department, so there are a lot of tasks, but I am very happy to be able to carry them out and to also coherently implement the concept and strategy that we’ve adopted earlier with the board.
Since you are in charge of two departments now, you actually manage two departments, what are your plans for the immediate, nearest future?
- This is also an interesting question. We are, in a way, coming up with the standardization of a large number of services, to kick-off the cooperation, as far as the cyber security department is concerned. We are also commercializing the issues within the IT department, because the two departments are a total of fourteen teams, independent of each other, which cooperate, let’s say, in the process of improving cyber security, the issues related to the implementation of new IT technologies, support and development.
Yhm. Also IT and cyber, will always interweave, but I would like to focus on the cyber area right now. What kind of problems do your customers come to you with?
- Yes, they will. As for those problems and issues, from our perspective they are very different. However, it is often the case that the issue with which the customer comes to us, which they think is the source of their problems, isn’t necessarily that, when it comes to the organisation of the whole process of improvements on a given subject. We are trying to be a trustworthy partner, so that we can give the best advice on what is the best way to work in our opinion; to achieve the best costs and for it to actually have real results. Of course, by the end of the day it’s the customer that decides if they agree with our optics or if we stick to our initial concept. This is because we listen very closely to our customer’s needs, however, this is still about conversation, looking for the source issue. In this relation we are trying to build, this is the clou of the whole thing, in my opinion.
So research of needs comes first.
- Oh yeah, definitely.
And what suggestions do you usually have in this initial phase of cooperation?
- We’ve been working on this issue for, in fact, several years now. Since I’ve been the head of the cyber security department, I have been paying very close attention to the proposals we can make at the very beginning of the cooperation, for example a security check. It’s a relatively small project when it comes to costs and the experts involvement, both on our side and on the customer’s. In my opinion it has a great impact. We are kind of suiting up as the attacker and realistically just like the determined attacker, we are trying to break into the organisation, which concluded with a report, gives great results. Another issue in this aspect, is for example, the subset of this recon, e.g. the execution of phishing campaigns. There is also a different aspect on the other side. Here we would be focused on the attacker, but in this whole process we also have the defending party, right?
Yhm.
- And what can we do then? Well, if we are fortunate enough, we have some sort of cyber security officer internally. They should support us, but will they be able to do it fully and in case of every type of an incident? I don’t think so, do you? We measure the forces through the prism of peace and once the incident happens, a serious incident, which lasts for days, maybe even weeks then usually the consequence and force may not be sufficient even in a team that is relatively big. That’s when you would need some support. And here, what in my opinion matters in the beginning of the work is the SOC assistance, which in its basic version costs around a few thousands yearly. The product allows for a real support of the whole cyber security department of EXATEL. It’s a few dozens of people, ready to support given organisation, should an incident occur. So those, those are the products we focus on the most.
[00:05:25]
And what specific issues do the so-called ‘low entry threshold products’ help with?
- Well, first of all, this is very important and I have just briefly mentioned it, they allow us to get to know each other, right? As the service recipient and as the service provider. Now, in the case of IT services and cyber security, those combinations are greatly needed, therefore, as the head of those two fractions, I’m striving for a real, honest relation, where we talk to each other and chose measures adequately to the needs. I don’t need to remeasure projects because that’s not the point. I need to get to know the customer, the team on the other side and decide whether the cooperation will be effective, because this is beneficial for the end user as well as for me, right? This is the best possible situation. Of course, this is not required in the ‘low entry threshold products’, because that’s what they’re for, so we can get to know each other. So that we can see how we work together. Of course, the first result of this work, or the clou of these exercises, is somewhere else entirely. It is the report, providing the information to the end customer and telling them whether the infrastructure is secure, telling them how they can improve the security, which steps it would be reasonable to take initially.
Yhm. And what’s the best way to learn more about how these services work?
- Recently, in fact since this year, we have adopted something we call EXATEL’s roundtables concept, which we have previously used at conferences. Now we came to an agreement with various teams inside EXATEL that such a formula of forty-five minute conversation between engineers or managers from the customer side, who have an understanding of what issue they would like to solve, directly with hardware engineers, with managers from the cyber security department side, that is, real practitioners, will allow to better quantify this need. That’s how we are trying to achieve what I said before. That usually this potential issue someone comes with is not necessarily what is the root cause of the problem and during such meetings we try to understand each other, these meetings are non-committal, right? While discussing, we are trying to understand each other and to fully go over the issue, decide what approach we should take, what is the solution that we, people with over 10 years of experience, envision, what can we offer from our perspective. Only then, if the prospect, the customer is interested, we can continue the discussion in separate meetings.
And if the customer doesn’t really know what they need yet, or their awareness about cyber security is very vague, can such a meeting clear up their doubts, or add to their knowledge so that they can make decisions later?
- Yes, yes, as I just mentioned, this is a non-committal meeting with experts with years of experience, so we try to share this experience as soon as possible. This is one of the possible forms. It’s forty-five minutes of conversation and we’re trying to come up with some kind of an answer. However, if someone is more interested with any particular issue, the workshops are also a great formula of getting the knowledge. For example the InTech Day workshops, which will soon begin. Take this as an invitation. During workshops such as InTech Day one could truly get the gist of the process. We prepare various exercises, I myself created scenarios for them around three years ago. It gave me a lot of pleasure. Now it’s in the hands of my colleagues who do it better. We have this technology group, in which we know each other quite well, at least I think so. On this basis, we built the formula, often based on the Capture The Flag competition, so on the one hand it is an opportunity to familiarize oneself with the platform, while on the other hand getting to know the techniques and tactics of the attacker and the defence measures against them. It’s also a possibility of touching an interface, a platform or more, depending on the formula of the workshops. Anyway, it gives us the chance to, first of all, know the platform and second, to speak with people who have a lot of expertise in the matter.
Thanks Karol. It sounds very interesting, so I’d like to join Karol’s invitation, and I hope we will have the opportunity to talk about, in more detail, about EXATEL’s products in the future podcasts.
- Thank you very much Sylwia, as always I am available, thanks.
Thanks!
