Paula Januszkiewicz: Understanding infrastructure is not the same as knowing how to attack it

31. 7. 2024

The number of cyberattacks will not decrease. Let's face it and defend ourselves. This is how one could sum up the words of Paula Januszkiewicz, a Polish cybersecurity expert who spoke this spring at Security 2024, Aricoma's annual conference about IT security trends. Januszkiewicz, whose company CQURE has four offices around the world, spoke about why companies and institutions can't resist attacks, how to get more experts, and where the industry is headed.

Actually, it's a paradox. We all already know the importance of cyber security, and we have the tools to make it happen. Yet the number of incidents and their negative consequences continues to grow. How is this possible?

"Imagine your day is packed with tasks, but you know you won't be able to complete them in 24 hours. So you have to accept a certain level of risk, and you don't know in advance how big that level is. Cybersecurity as a field is very broad, and it is difficult for administrators to take into account all aspects and risks at once," Januszkiewicz explains, and data from the Czech National Office for Cyber and Information Security bears her out: it recorded double the number of incidents in 2023 compared to 2022.

Businesses and institutions know this and are taking the security of their networks and technologies far more seriously than before. Even so, in the never-ending battle, they're more like a cop chasing a thief. The energy spent on solving problems and preventing them is still too little, or going in the wrong direction.

The best defenders are those who are most worried about business

"We lack experts, some detection systems are set up poorly so people then ignore alerts, organisations lack plans on how to behave in the event of an attack, and new threats associated with the advent of artificial intelligence add to this," Paula lists the most common problems as she, along with more than 60 colleagues, helps set up security and deal with the aftermath of attacks around the world.

Their clients include governments, banking institutions, companies in the oil and gas industry, as well as manufacturing companies and hospitals. And if Januszkiewicz has observed anything, it's that the companies that take the best care of protecting their networks and technology are those that value their business the most. "Banks are a good example. They know that the most valuable thing they have is their trust and reputation and they don't want to lose anything at any cost," she explains.

She and her colleagues help with acute incidents, but more often they conduct comprehensive infrastructure audits before an incident occurs. "It happens repeatedly that companies don't have enough trained staff to deal with the situation, and that's when our expertise proves crucial. It's not that cybersecurity is not appealing, it's more that in our industry you have to learn a lot of new information beyond the normal IT and, more importantly, a different point of view. Knowing the infrastructure helps, but you don't build it, you have to know how to attack it," Januszkiewicz says, flipping the usual perspective.

For many professionals, she says, this can then lead to feelings of insecurity: "Do I know enough?" "I am well aware of most of the developments in my field, it's my passion and my profession, I follow it. But I don't know about every new tool, I haven't read all the new research. I stay informed enough to be confident in my knowledge and skills. That if a customer is targeted, I'll always know what to do. But I understand that for newcomers to the industry, this constant flow of information can be overwhelming," she admits. That's also why she advocates the view that you can't operate alone in cybersecurity, but have to network and share all the time. At any given moment, someone in the world is experiencing a new attack, and sharing that experience can then help other people. And by the way, this is why the Security conference exists.

Paula Januszkiewicz

CEO and founder of CQURE, cybersecurity expert, penetration tester and trainer, Microsoft MVP and Microsoft Regional Director. A world-class cybersecurity expert, she provides consultation to customers worldwide. A 2017 graduate of Harvard Business School, she speaks at the world's largest conferences, conducts penetration testing, architecture consulting, training and workshops. She is a member of the technical advisory board at the Royal Bank of Scotland/Natwest. And to top it off, she has access to Windows source code.

"In our industry you have to learn a lot of new information beyond the normal IT and especially a different point of view. Knowing the infrastructure helps, but you don't build it, you have to know how to attack it."
