Interview With Dirk Schrader, Cyber Resilience Architect at Greenbone

In this increasingly online-operated world, the security of an IT infrastructure is vital for businesses in all different industries. It helps to protect an integral part to any business’s operations, ensuring the confidentiality, integrity, and availability of IT assets are sustained.

This is where Greenbone can help – founded in 2008, Greenbone Networks have created an open-source solution that helps to analyse and manage vulnerabilities in IT. Security risks are identified through Greenbone’s GSM (Greenbone Security Manager), which then recommends preventative actions to take.

Greenbone’s goal is to help prevent any attacks on a business’s IT through targeting precautionary measures. TechRound recently spoke with cyber resilience architect at Greenbone Dirk Schrader, finding out a bit more about the company, and the importance of adopting sustainable cyber resilience for businesses.

 

How have you seen Greenbone grow since joining the company?

 

“Since I started in 2015, Greenbone has continued to grow. Most recently we appointed our first Chief Operating Officer and overall the number of employees at the company has doubled.”

“We now have partners, distributors and resellers all over the world, including in Australia, South Africa, the UK, France, Mexico and the US. Our brand and thought leadership position on cyber resilience has improved far beyond my hopes.”

“We are always looking for new ways to deliver our vulnerability management solutions to organisations of all sizes. For example, we are currently working on a managed services version of our solutions, a platform that is particularly beneficial to micro-businesses and SMEs as they’ll still have enterprise-grade protection but without the need to purchase hardware or software, or for any specialist cybersecurity expertise. We are planning to launch this new platform in the second quarter of 2020.”

 

Are your services particularly popular within certain industries, or are clients more varied within the corporate sector?

 

“Our vulnerability management services are applied across the board, and aren’t limited to any industry. We do however, have a particular emphasis on protecting critical national infrastructure at Greenbone. The likes of the transport, health and energy sectors are crucial to the day-to-day functioning of societies across the globe, and in today’s interconnected, digital world, the likes of rail networks, hospitals and energy providers have never been more vulnerable.”

“If just one of these sectors were to be compromised by a cyberattack, then the knock-on effects on other industries would be catastrophic. Whilst this interconnectedness and digitalisation is a sign of progress, it also means that organisations of critical importance need to have water-tight cybersecurity. One part of that is sustainable cyber resilience.”

 

How is adopting a sustainable cyber resilience effective in defending against hackers?

 

“Today, cyber threats are a frequent occurrence, with news of cyberattacks and data breaches making nearly a daily appearance on the news. As such, taking a tactical, reactive approach to cybersecurity is no longer adequate in protecting organisations against inevitable cyberattacks. Instead, organisations need to shift their perspective and look to implement a proactive, long-term solution in order to pre-emptively defend themselves.”

“Rather than purely focussing on how to protect customers, critical organisations need to concentrate on protecting their own business assets too, taking stock of their critical processes and whether they are at risk of making up part of the attack surface. This is where adopting a state of sustainable cyber resilience plays a crucial part.”

“This method involves organisations identifying, classifying, prioritising and remediating all the vulnerabilities in their IT infrastructures, meaning that even if an opportunistic hacker does come along, they will struggle to find an entry point to an organisation’s network.”

“Some of the most costly and damaging attacks in recent years were the fault of an unchecked vulnerability – WannaCry, for example – and still many organisations don’t realise that they have unguarded areas on their systems.”

“Recent Greenbone research for example, found that millions of patient data files are freely accessible on the internet without any cybersecurity in place – this is a disastrous data breach waiting to happen. If organisations are to avoid such fallouts and protect themselves, they must become cyber resilient.”

 

Why is adopting a sustainable cyber resilience important for protecting the UK’s critical national infrastructure?

 

“Critical national infrastructure (CNI) organisations play a fundamental part in our everyday lives providing access to everything from education and healthcare to telecoms and water. Severe disruption of such services would be catastrophic and that threat has never been more potent now as each service relies more and more on digital networks.”

“Hackers know this all too well and with many of these organisations – hospitals, banks, universities – storing a mountain of valuable, sensitive information on their books, critical infrastructures make attractive targets. With that in mind, organisations vital to keeping people safe and ensuring the normal functioning of society need to be proactively prepared to combat any attempt to compromise their networks.”

“Our research into the cyber resilience of CNI operators in Europe compared to their counterparts in the US and Japan shows that only about one third are already resilient in their cybersecurity, with the UK in particular only being 33% prepared. Indeed, the threat of cyberattacks on our CNI is a frightening prospect, so adopting a state of sustainable cyber resilience is one step closer to ensuring a stronger, more protected infrastructure – across the nation.”