Following this year’s cybersecurity summit we’ve run a small poll with our speakers to squeeze a few more drops of wisdom out of them. We were half-expecting everyone to be saying the same things but to our surprise, there was a huge variety of thoughts. Good thing we opted for open-ended questions then. Here is the consolidated version.

1. Cybersecurity 2020: Describe it in one word or phrase

• Cloud security.
• Distributed.
• Fancy tools without fancy knowledge.
• Needs to adapt to remote work.
• Part of the business.
• Every threat is greater than before.

2. Name the biggest challenge in organizing remote work

• Lack of security controls.
• Distributed workforce.
• Secure connection.
• Confidentiality.
• Making sure that all the platforms are safe to use.
• Complexity has tripled.

3. Which person (position) in the company is most likely to be targeted by a phishing attack?

• CTO, CEO, CFO, CISO
• Support.
• Any, including Cyber Security Professionals.
• Admin.

4. Please give a cybersecurity tip to a 12-year old

• Don’t post anything on social media.
• Use a password manager.
• Read what you click “Yes” to.
• Cyber hygiene/Awareness.
• Secrets have to remain secrets. Guard them well.
• What you share today could hurt you tomorrow.

5. Please give a cybersecurity tip to a 65-year-old

• Be cautious about suspicious emails. They might be fraudulent – think several times before opening attachments or links in the email. Pay attention to the sender address.
• If you do not turn it on you are safe.
• Read what you click “Yes” to.
• Cyber hygiene/awareness.
• Your online identity is the same as the real one.
• Be cautious, that email or app may be designed to hurt you.

6. Please name 2-3 things, which are essential for the success of a cybersecurity strategy of an organization

• Management buy-in and up-to-down approach for security. Proper risk management process.
• Leadership buy-in and support.
• Practical mindset, general cyber hygiene, cyber disaster testing.
• Common understanding of the risks, the road map for security, visibility in the network.
• Management leadership in words and actions. 2. Skilled security personnel who can guide the rest of the colleagues 3. Sufficient budget to cover at least basic security needs.
• Collaboration between (non-IT) departments.
• Policies first, technology second.
• Keep asking questions about how a system can be used, look hard for security holes.

7. What is your organization’s cybersecurity priority for 2021

• Data leakage prevention.
• Decreasing the attack surface.
• Visibility.
• Make sure people constantly learn and improve.
• Remote working is here to stay, forget the perimeter as there isn’t one.

8. What will be the biggest cyber threat to companies in 2021?

• Governments proliferating their tools to criminal organizations.
• Good old phishing with cyber hygiene coming second.
• Negligence of cloud security best practices.
• Internal users not understanding the risks of collaboration.

9. Which is the biggest source of cybersecurity risks?

• Family.
• Public Wi-Fi.
• Facebook/social media.

10. At which point should an organisation seriously consider hiring/renting a full-time equivalent of a cybersecurity specialist?

• When an organization has a proper cybersecurity strategy.
• 15 people depending on the business type.
• Anytime when the size of the organization’s operation and its services exceeds the capabilities of a single sysadmin.
• When your core business is highly dependent on IT.
• When the potential loss to your data/reputation/operations exceeds your internal threshold.
• When data becomes the most valuable part of an organisation.