Smarttech247 CTO: ‘The attack surface is continuously expanding’


31 Jul 2020

Andy Grzess, Smarttech247. Image: Alan Rowlette

Andy Grzess is the CTO at cybersecurity company Smarttech247. He spoke to Siliconrepublic.com about the importance of adaptability when it comes to security.

As machine learning, artificial intelligence and digital transformation continues to advance, cybersecurity systems become more sophisticated. Unfortunately, so too do the cyberattacks those systems have to protect against.

While many organisations seek to improve their protection, Smarttech247 CTO Andy Grzess says they often do this without fully understanding the risks. Speaking to Siliconrepublic.com, Grzess said that since attackers change and improve their tactics all the time, being adaptable in your security measures is critical to avoid being outsmarted.

 ‘Cybersecurity is not only about the right technology systems at the right time; it is a continuous journey’
– ANDY GRZESS, SMARTTECH247

Tell us about your own role and your responsibilities in driving tech strategy?

My job is to help our organisation to deliver outstanding managed security services to our global base of customers by establishing technical vision in line with our business objectives and company vision. As the CTO, I collaborate with all teams in Smarttech247, our strategic partners and customers to build an innovative and adaptive approach to security programmes. More importantly, as a leader, I try to inspire my team to be inventive and creative in order to give our organisation the edge to compete.

Are you spearheading any major product/IT initiatives you can tell us about?

With the threat landscape constantly shifting, one must always adapt and stay ahead. Moreover, with the adoption of cloud computing, the attack surface is continuously expanding and we are facing new types of attack vectors that challenge how we used to do security. For example, in the last couple of years, we have seen an increase in attacks on companies’ manufacturing and production environments that run on operational technology (OT). Additionally, threat actors and nation-state attacks are threatening our critical infrastructure, especially in times of global disruption.

The reason why these attacks are so critical is that traditional IT security models are not catering for the needs of organisations with OT/industrial control system environments, so the world is not fully ready to prevent such attacks.

What is more, advancements in technology including IoT and cloud computing, has enabled more direct control and complete monitoring, with more straightforward analysis of data from these complex systems from anywhere in the world. The convergence of these technologies is becoming a significant security issue because OT has not traditionally been integrated into the cybersecurity monitoring stack.

Our security teams, in collaboration with our partners, are currently working on developing a better model to unite OT and IT security. Our aim is to help public and private organisations secure their critical infrastructure and protect against attacks that may possibly threaten our national security. We are currently working on developing in-house software tools that use complex architecture systems and artificial intelligence which help us deliver solutions to our global base of clients to address their pressing OT and IT security operations centre needs.

How big is your team? Do you outsource where possible?

The Smarttech247 group employs nearly 100 people in its three main sites: Cork, Bucharest and Krakow. We do not outsource any of our roles – and that is something we take great pride in. Cybersecurity is an industry that requires deep specialisation and experience mainly because of the sensitivity of data and networks that we deal with on a daily basis. There is a huge cybersecurity skills shortage in the world and as a pure-play security company, we need to recruit and develop our talent in-house, which is something that sets us apart from our competitors.

What are your thoughts on digital transformation and how are you addressing it?

Digital transformation has been on the agenda of organisations for years and the current global pandemic that the world is facing has definitely supercharged that. Before Covid-19, digital transformation projects took years to be completed, whereas the last few months have taught us that the fear of global disruption can certainly speed things up. Digital transformation is not about technology only. It is about leadership, talent and business objectives too.

As a company, we are highly dependent on technology and therefore we are constantly innovating and evolving our operations, services and products in order to stay ahead of adversaries. In cybersecurity, you cannot succeed without fully embracing digital transformation and continuous innovation because unfortunately, cybercriminals keep investing in sophisticated tools and attack techniques and we must not only keep up but try to stay ahead.

One example of our current digital transformation plans is a security automation project that we are working on. This will use deep learning and artificial intelligence technologies to identify indicators of complex attacks that are hardly identifiable based on conventional techniques.

What big tech trends do you believe are changing the world and your industry specifically?

Machine-based learning is already in our daily lives, and quantum computing will address the current limitation sooner or later. As soon as quantum computing becomes more broadly available to enterprises and larger organisations, we will see the next big surge in AI and machine learning applications.

Talking to the machine will become more natural. We will be faster than ever in analysing complex and unstructured data, reducing wait times on results from prediction models, business analytics and medical lab tests and leading to better malware protection. Unfortunately, this will also open the door to faster and more aggressive attacks.

In terms of security, what are your thoughts on how we can better protect data?

Cybersecurity is not only about the right technology systems at the right time; it is a continuous journey. Many organisations try to answer the question of protection without understanding the risk. Taking time to understand your organisation’s structure and its process is a vital step in starting a risk-oriented journey to a successful cybersecurity maturity.

Adversaries change and improve their tactics, techniques and procedures continuously. An organisation needs to be adaptable and agile to avoid being outsmarted by the attacker. Cybersecurity is an organisation-wide affair, so be prepared for the worst to mitigate swiftly and efficiently.

As a baseline, I always recommend that companies measure their cybersecurity posture and readiness regularly, at least annually, using well-established frameworks such as the NIST, CIS Top 20, ISO 27001 or SOX. Moreover, companies need to consider having the right security intelligence tools and network controls in place, irrespective of their size. Cybercriminals do not care about your size or line of business and if they do, you simply might be in the supply chain of a larger fish.

Take a step further and start mapping your security controls, process and incidents against the Mitre ATT&CK framework in order to identify gaps continually. But none of this will help if your cyber hygiene is not strong. which means employee user education, password security and perimeter security controls.

Want stories like this and more direct to your inbox? Sign up for Tech Trends, Silicon Republic’s weekly digest of need-to-know tech news.