Interview with Mohamed Ourdane, head of the Cyberforce department at POST Luxembourg

Interview with Mohamed Ourdane, head of the Cyberforce department at POST Luxembourg

"Digitalisation relies on the confidence ensured by cybersecurity".
 

2020 was both the year Cyberforce found its feet, and the year in which the team demonstrated its added value on a daily basis in response to the new types of risk generated by the crisis. In this interview, Mohamed Ourdane, Head of the Cyberforce department at POST Luxembourg, looks back at this unique year and discusses POST’s next cybersecurity goals.

Do remote working and the rapid Digitalisation of many companies lead to new types of risk?

Mohamed Ourdane (M.O.) The pandemic acted as a catalyst for the Digitalisation of sectors that had not been especially keen to change initially, such as industry. Once a company goes digital, it is no longer isolated: it has extensive contact with its employees and customers and the boundaries of the IT system become blurred. The risks change. Above all, it’s important to think in terms of likelihood and impact. Hacking techniques have become more sophisticated and more accessible, enabling cyber criminals to bring down a company or even an entire economy. That’s why we have to think of cybersecurity and Digitalisation as two sides of the same coin. You can’t have one without the other: Digitalisation relies on the confidence ensured by cybersecurity. In the same way, cybersecurity only makes sense in the context of growing Digitalisation.

What steps can be taken to ensure that you always have the cutting-edge knowledge you need to respond to new attacks?

M.O. Firstly, you have to build a team of people around you with strong, diverse expertise and the right mindset. They need to be able to constantly question their assumptions to keep up with the rapid pace of change in the sector, engage in training, and stay up to date with the latest technologies. To respond to and contain an attack, you also need to know what’s happening in almost real time. Lastly, real added value comes from knowing how to combine the amazing potential of artificial intelligence with the expertise of team members so as to improve detection and automate the response where possible.

What were the Cyberforce team’s key achievements in 2020?

M.O. After the launch of the department, 2020 was the year in which we found our feet. We hired people with cutting-edge expertise, established an organisational structure covering all aspects of cybersecurity and implemented tools to help us achieve our objectives. Our focus in 2021 will be fostering internal collaboration and external partnerships, as well as further automating our threat response.

Do you think company directors prioritise cybersecurity as they should? Has the crisis changed things in this regard?

M.O. First of all, POST’s management team, which is fully aware of what is at stake, has always been very well versed in these issues and given us ad-hoc resources. This is one of the reasons why POST is renowned and recognised for its expertise, its services, and of course its infrastructure. Spurred on by governments fearing increasingly sophisticated and frequent attacks, companies are now very much up to speed. It has taken quite some time to get to this point. While company directors are aware of the risks and potential impact, they generally tend not to put a strategic plan in place to protect themselves until they have fallen victim to hacking or read press reports about an incident in their geographical or sectoral neighbourhood.

2020: THE YEAR THAT PUT POST’S APPROACH TO CYBER TO THE TEST

The POST Cyberforce CSIRT (Computer Security Incident Response Team) publishes a report called “Météo de la Cybersécurité” (Cybersecurity Weather Forecast) every quarter, offering an invaluable gauge of the latest online cybercrime affecting companies and individuals.

A look back at the main attacks recorded in 2020:
 

NUMBER OF ATTACKS RECORDED

TOP 5 INCIDENTS IN 2020