Brand Post

Transition Technologies PSC revenue from services to cybersecurity providers grows rapidly

Wojciech Wąsik, Chief Digital & Information Security Officer at TT PSC in an interview with ISBtech about current trends in cyber security.

What are the current cyber security trends from an IT solution provider’s perspective?

From the standpoint of working with global cyber security solution vendors, we are witnessing a large increase in demand for systems development in several areas. This includes the detection and management of infrastructure and system vulnerabilities, which are increasingly being deployed as part of sub-provider verification or to perform regular vulnerability testing of externally accessible services.

It’s also real-time analysis of network traffic and user activity to identify patterns that could indicate a potential attack. Increased interest is also evident in solutions supporting secure authentication and identity management – MFA (multi-factor authentication), integration with hardware keys, passwordless or 0FA (Zero-Factor Authentication), as well as solutions for securing communications in IT/OT systems (including IIoT).

We are also observing an increasing number of requirements to ensure the security of infrastructure and service migration to the cloud. This applies to both the planning stage of the project itself (security issues in addition to business continuity are a priority), as well as the cyclical verification of vulnerabilities and configuration changes after the project is completed. This is undoubtedly influenced by the very popular and unfortunately extremely effective ransomware and phishing attacks resulting in loss of account control and risk of data leakage.

Are you seeing an increase in customer demand for specific cyber security services and products based on TT PSC data?

Ads

At TT PSC, we consider the cyber security market from the angle of our clients – on the one hand, who are large providers of such solutions or their customers – and on the other hand, we look at the market globally. The spending trend in this area is on the rise and is linked to the successive digitization of companies and reinforced occasionally by various types of events, such as a pandemic, war or the spectacular consequences of a cyber attack. We also witness more and more clients reporting the need for cyber security services for them (penetration testing, CMDB system implementations, audits, IT/OT consulting).

RELATED:  Helpful Tips on How to Get a Perfect Score on the SAT Test

Nonetheless, following the increased interest in protection against cyber attacks, we are already noticing the first signs of a change in trend due to concerns about an impending recession. The situation is well illustrated by our results and order book. Our revenues in the area of software services for cybersecurity solution providers tripled between 2021 and 2022.

Has there also been an increase in companies’ awareness of cyber security and what has influenced this?

Yes definitely, although it is hard to pinpoint one dominant factor that has influenced this. Global supply chains, the development of technology, the increasing digitalization of companies, administration or everyday services, the popularization of remote working (caused mainly by pandemics) or now the threats due to the war in Ukraine are just some of the events that are stimulating the global trend of increasing awareness of cyber threats. Clearly, the changes go hand in hand with a growing demand for more and more effective methods of protection against threats, as well as for employee training in this area. All this to protect their own data, communications, business processes, and to keep the business highly resilient to the impact of external and internal risks.

As an example, we encounter more and more situations where a standard part of the process of establishing a relationship with an enterprise customer, is to pass a vulnerability scan or other verification of the level of security in place within the organisation. Often, these customers require proof-of-concept testing or proof that the solutions being deployed are secure and resistant to attacks.

What technologies support cyber security?

Recently, AI and Data Science technologies, data encryption and authentication techniques have been the ones getting the most attention. Let’s focus on the former. These are mainly used for behavioral analysis to detect deviations from typical behavioral patterns and data flows. Combined with security policies, advanced network systems and automated SOC processes, behavior identified as suspicious can be immediately pinpointed and isolated, thus reducing the severity of an incident or avoiding it altogether.

Data encryption techniques, on the other hand, are particularly relevant when using cloud services, transferring and storing sensitive data in such services. Particularly noteworthy is the development of homomorphic encryption, which will allow the manipulation of data without first decrypting it. In this way, data is always protected from unauthorized access. Last are authentication techniques. Today, the common use of mobile apps to secure authentication comes as no surprise to anyone, but there are many other solutions on the market, such as dongles, or Passwordless or Zero-Factor Authentication solutions. These are combinations of multiple factors monitored continuously that grant or block access to services dynamically.

RELATED:  Reasons why use a project management software

The reality, however, is much more complex. Individual technologies are only components of broader solutions, such as Zero Trust Policy, Endpoint Security, SIEM, or Extended Detection and Response, which, when properly implemented, provide highly effective control over the security of an organization’s end-users and resources. Moreover, even the most expensive investments in technology will not bring adequate results without the right competences, effective processes, and a conscious organization.

What is the issue of cyber security in industry? Is it always possible to integrate old systems with new technologies?

This is undoubtedly a challenge, mainly since the old systems were often not designed for data exchange. While, from an economic point of view, their use is justified, they are often a problem in the context of digitalization. Conversely, it is the implementation of modern solutions and digitalization that increases the threat of cyber attacks. IoT systems, 5G connectivity, remote monitoring, integration of production management systems, or ‘digital twin’ solutions generate huge volumes of transmitted data creating unprecedented risks associated with the interception or disruption of exchanged data.

For organizations that have embarked on a very radical digital transformation in particular, it is essential to ensure adequate organizational and technical measures to minimize the risk of a cyber attack, or its consequences. Very often, these types of challenges are beyond the internal capabilities of industrial companies, which focus on what they do best, which is manufacturing products. In this case, the support of a trusted technology partner is indispensable.

Are industrial companies in Poland investing enough in cyber security? How do things look on a global basis? Do we have a lot of catching up to do?

We can surely see a growth in investment in this area, both in Poland and globally, which is an expected response to changes amid the pandemic and the war in Ukraine. However, many companies choose to implement only basic security measures (firewall, malware protection, network security) or take a “step-by-step” approach to cyber security every year by assessing areas that need investment and planning improvements.

RELATED:  Significance Of Role-Based Training

What we do observe, however, is in fact a trend for companies developing internal systems to include cyber security requirements in their basic requirements, allowing them to secure adequate resources for such projects in advance. There are many reasons for this, including the fact that building a comprehensive and airtight cyber security system from scratch is relatively expensive, and demonstrating a direct return on investment is extremely difficult. A strategy based on the consistency of new investments with internal security policies seems to be a sensible solution to gradually secure critical elements of the organization.

What role will cyber-security issues play in the future, is it growing and why?

I’m sure the role is getting bigger and bigger. This is a natural consequence of digitization and the growing importance of the network in our business and daily lives. We are already seeing that criminals prefer digital tactics, which is often cheaper, less risky for them, and makes the group of potential attack targets much larger as well. Companies report that more than 95% of employees have access to company infrastructure, systems and data on a daily basis. At the same time, year after year we see an exponential increase in incidents (mainly phishing and ransomware), which sometimes (as in the case of the attack on Colonial Pipeline in May 2021) expose shortcomings and the treatment of cybersecurity as an abstract threat.

The market sees the potential here and new technological solutions are very often predictive by identifying risks at an early stage. Ongoing regulations, as well as education, are also significant. There are already statements promoting the introduction of regular school subjects or university classes on cyber security. The trend will continue and in the coming years we will see a successive increase in awareness of threats and thus a wider adoption of cyber security solutions.

Show More

Related Articles

Back to top button
Close