“The most bizarre and strange feeling is when national government systems are hacked, and national personal data is stolen. One feels so hopeless.” So said Dr. Vilius Benetis, CEO of NRD Cyber Security, to “Baltic Business Quarterly”. His company was also one of eight finalists in the German-Baltic Business Award 2020.
What is your core business? What are the most popular products you have developed?
At its core, NRD Cyber Security helps companies, organisations and governments to establish professional cybersecurity teams to handle cyber incidents. These teams are called Security Operation Centers (SOCs) or Computer Security Incident Response Teams (CSIRTs). We establish relevant processes, train staff, and implement our own technology as well as that required by third parties.
Which product did you participate with at the German - Baltic Business Award?
The CTI Core platform is a turnkey solution for CSIRTs and SOCs for their process automation of incident coordination. It has been developed for CSIRTs and SOCs based on real implementation needs, and is available as a real-life or virtual solution. When looking at Germany, all medium-sized and large companies there will need to own or outsource SOC or CSIRT services in the next few years. Different SIEMs, SOARs and similar technologies are there – so there is plenty of choice. But where will humans cooperate with other humans on resolving incidents collaboratively and effectively? This is what we are aiming to contribute to.
Did Covid-19 increase cybersecurity risks? In what way?
There are many areas in which cybersecurity risks have increased. The demand for cybersecurity is amplified especially by the following factors: Cyber-space and the use of digital services are growing, thus there is more space for cyber incidents to happen. Criminals cannot benefit in older way under lockdown; thus they are turning to cybercrime methods online.
Are companies in Lithuania or in the Baltic states in general willing to invest in their cybersecurity? Does the situation differ in the Baltics and in Germany or in the rest of Europe / in the world?
Baltic countries are comparatively small and are moving very fast towards digital services. Handling digital risks is natural part of this. Sometimes, action is taken after the incidents, and sometimes by experienced managers. Overall, the situation is similar, especially when most businesses are very small and cannot invest much in cybersecurity.
What are companies’ weakest points in the field of cybersecurity which should definitely be strengthened?
It should all start with senior managers, who are responsible for all assets of the company (including digital), discussing common threats in the industry with their teams (ransomware, phishing, business email compromise, etc.) as well as their preparation and incident response. These discussions allow people to clearly see the business impact and what action should be taken. For example, maybe to have an external team readily available in case the need arises?
What is the most interesting or bizarre security breach you have had to deal with?
The most bizarre and strange feeling is when national government systems are hacked, and national personal data is stolen. One feels so hopeless. Such attacks happen all around the world.
What does the future hold for the field of cybersecurity?
The future will be much more collaborative in defence. More and more organisations understand that they need to join forces in detecting and responding. Like “safe neighbourhood” volunteer programs in the city communities.
Interviewed by Eva Eirich
“Baltic Business Quarterly”