The colour of the hacker’s hat

On October 25 the CIOforum, ISACA Belgium and Antwerp Management School organise a CIO Speaker’s Café on cybersecurity in Technopolis, Mechelen. Access is free, and I’ll be there to talk about hackers and IT/OT (aka Information Technology and Operational Technology). Interested in a sneak preview?

Hackers with different hats

First on the agenda: the different kinds of hackers. A black-hat hacker is a hacker who is aggressive in nature and violates computer security, for example for personal gains. A derived version thereof is the red-hat hacker, who is employed by a government agency. His purpose is to hack into computer mainframes of other governments in order to disable or cripple them. There are also grey-hat hackers who can be both helpful and harmful, for example the Anonymous collective. White-hat hackers are security specialists you hire to verify the security of your networks and applications. They are your partners in crime to improve your level of security. At Toreon, we see ourselves as white-hat hackers.

And then there’s you. You might not mean to, but the largest cybersecurity risk comes from you. An analysis of the data from 1982 to 2010 found that the type of security incidents affecting control systems breaks down as follows: 50% of incidents were accidental, 30% were due to malware infections. Only 20% was the result to external or internal attacks.

Assessing the risks

If an incident occurs in an ICS environment, the impact on your business, on human safety and on the environment can be huge. Luckily you don’t have to just sit there and wait for an incident to happen. There are ways to proactively improve your cybersecurity. A security team, an inventory of your IT/OT environment, a verification of your security levels, good governance and awareness in your organisation are key.

Want to hear the rest? Join me and amongst others Ronald Verbeek (Director CIO Platform Nederland), Jethro Cornelissen (Cyber Security Incident Response Team Rabobank) and Yuri Bobbert (CISO, lector and Researcher Antwerp Management School) at the CIO Speaker’s Café! More information can be found here. Or you can send me an email.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *