SOCRadar® Cyber Intelligence Inc. | Executive Interview: Mr. Miroslav on Mastering the Dynamic Cybersecurity Landscape
Mar 20, 2024

Executive Interview: Mr. Miroslav on Mastering the Dynamic Cybersecurity Landscape

In the fast-paced and ever-evolving cybersecurity realm, staying ahead with the latest trends and technologies is crucial for developing effective defense strategies. Our insightful dialogue with Mr. Miroslav, Chief Information Security Officer (CISO) at a large Central European software company, unveils the current and forthcoming challenges in the cybersecurity field.

Navigating the AI and LLM Landscape

In an engaging discussion with Mr. Miroslav, we delve into the dynamic field of cybersecurity, reflecting on his invaluable insights and experiences. This conversation merges both his in-depth interview and additional reflections on the ever-evolving cybersecurity landscape. Mr. Miroslav emphasizes the significance of AI and LLMs, articulating their challenges and opportunities.

“Considering the events of 2023, I see the biggest change in cybersecurity for the next years as the rapid emergence and adoption of AI, more specifically LLM (Large Language Models),” he notes, highlighting the potential for these technologies to generate sophisticated threats such as deepfakes and convincing phishing messages. He also warns of the dangers of sensitive data leakage through inadvertent inclusion in LLM training datasets.

Strategic Threat Prioritization

Prioritizing threats is a strategic necessity, and Mr. Miroslav’s approach is informed by ISO 27001 risk analysis. He identifies supply chain attacks, internal infrastructure compromises, and vulnerabilities in public internet-facing applications as the top threats. Reflecting on high-profile incidents, he mentions, “Cases like JetBrains, Kaseya, SolarWinds, or M.E.Doc Supply Chain Attack were, and still are, a big warning for us.”

CISO Mr. Miroslav on Cybersecurity Investments

Discussing investment priorities in cybersecurity, Mr. Miroslav advocates for a strategic allocation towards technologies that enhance both defense mechanisms and innovation. He highlights the importance of monitoring internal infrastructure and the Dark Web, suggesting investments in technologies such as Extended Threat Intelligence (XTI), SCA, SIEM/SOAR, and EDR. This strategic approach underscores the necessity of adapting to the constantly shifting cybersecurity landscape and ensuring that resources are allocated efficiently to where they can be most effective in safeguarding against threats.

Comprehensive Ransomware Defense Strategies

In combating ransomware attacks, Mr. Miroslav offers a comprehensive strategy drawing from his forensic analysis experience. He suggests a combination of stringent email policies, advanced antivirus technologies, effective vulnerability management, the principle of least privilege, and a robust backup and recovery solution.

Reiterating the role of AI and machine learning, Mr. Miroslav notes, “Technologies collectively referred to as ‘AI’ today, while far from true AI, have been part of security tools for many years.” These technologies aid in detecting unknown malware, recognizing phishing, and analyzing security events, significantly influencing his organization’s security posture. Their integration into cybersecurity strategies is pivotal for enhancing the organization’s ability to preemptively address and mitigate emerging threats, showcasing the integral role of technological advancements in maintaining robust security measures.

Cyber Threat Intelligence and Supplier Compliance

Addressing the challenges posed by the expanded attack surface due to remote work, Mr. Miroslav highlights the role of Cyber Threat Intelligence in detecting leaked credentials and monitoring the external attack surface. He also touches on the complexities of ensuring compliance among suppliers and vendors, acknowledging the difficulties of controlling external infrastructures.

In fostering a culture of cybersecurity awareness, he underscores the importance of education across all organizational levels. “For these purposes, we have established a regular education process in the form of e-learning courses,” he shares, emphasizing the need for continuous education and awareness. This initiative is part of a broader effort to instill a deep-rooted culture of cybersecurity awareness throughout the organization, ensuring that from top-level executives to all employees, there is a unified front against cybersecurity threats.

Skills and Advice for Cybersecurity Professionals

Reflecting on the essential skills for cybersecurity professionals, Mr. Miroslav believes in a blend of technical knowledge, hacker mindset, analytical thinking, mental resilience, and strong communication skills.

Concluding with advice for fellow CISOs, he encourages an open-minded approach to new technologies, seeing them as allies in the quest for enhanced cybersecurity. “Keep an open mind and use new technologies to your advantage,” he advises, underscoring the importance of adaptability and strategic foresight in navigating the complex cybersecurity landscape. This conversation with Mr. Miroslav offers a comprehensive guide for cybersecurity professionals, blending strategic insights with practical advice to navigate the challenges and opportunities within the field.