'Much of IT budget spent on security, but human remains weakest link'

OTP one time passwords

The various data leaks and thefts follow one another at a rapid pace. In the digitalising society, data has never been so important, but also never so vulnerable. How to prevent the number of data thefts? Awareness about your digital security and about sharing knowledge are of key importance as far as this is concerned, SecureLink states.

SecureLink has the ambition to become the main internet security expert in the Benelux. Last year the company won a High Growth Award. CM and SecureLink cooperate in sending OTP messages in order to increase security during login sessions. SecureLink uses the CM platform to send passwords via push notifications, text messages and the hybrid solution.

An interview with Jeroen Roosien, General Manager at SecureLink:

What is SecureLink and why does it exist?

SecureLink was set up in 2003 in Belgium and started in 2008 in the Netherlands. Our ambition is to become the main cyber security player in the Benelux and to expand this in the future to encompass Northern Europe.

Our culture is outlined in what we call ProudLink. It's not easy to become a SecureLinker. During our employment process we check to see whether the candidate fits in with our ProudLink culture. We only take on people who are a true asset. We work on the basis of the Customer Firstprinciple. Among other things, this can be seen in the First Line Engineers at the Service Desk and our high NPS. We really know what flexibility is.

 

What does the High Growth Award mean to SecureLink?


Our strategy and continuing growth in the Benelux has strengthened our position in the cyber security market. We consider winning the award as confirmation that we are on the right track to further develop our international ambition in the coming years
 

(Digital) Security is important, as many now acknowledge. In what way does SecureLink excel when compared to others?


Security is part of our DNA. That's because security is a process as opposed to a product. Furthermore, as an independent business unit, SecureLabs is a valuable asset. They focus on compliance, governance and privacy issues. They do this by pen testing, ethical hacking and security audits, among other things. Together we are responsible for the Managed Security Services. The renewed Benelux SOC (Security Operations Center) recently opened its doors.

 

In what way does SecureLink attempt to create more awareness about digital security?

Sharing knowledge is the key here. That is why we give guest lectures at colleges and universities for example, and organise Round Tables and events. Security BootCamp is one example of such an event. This is our largest, two day event where technical and visionary speakers discuss threats and current affairs in the area of IT Security.
 

Could you name one of the most common challenges you encounter with SecureLink's customers?

  • We have noticed that more and more of the average IT budget is being spent on security. Unfortunately, this is mainly hard- and software, while it is the human who turns out to be the weakest link in more than 60% of the cases.
  •  
  • Every organisation experiences loss, leakage or even theft of information. The reasons for this are twofold: there are technical reasons, which can be combated with for example firewalls, virus scanners, vulnerability assessments and pen tests, but more than 60% of all incidents is caused by the weakest spot in information security: the human.
     

So what is the best solution to this then?
Security Awareness is one of the solutions. The aim of this type of training is to introduce employees to information security and to create awareness. Besides this, security really has to be guaranteed and therefore has to be part of the organisation in all facets.
 

Where does SecureLink hope to be in 5 years time? What will have changed radically if I meet you again in five years?
Then we will be the main cyber security player of Northern Europe. Developments, trends and expectations in our market for 2016:

  • Targeted attacks make use of all parts of the kill chain

  • Infrastructure will be used more and more as a service (wireless as a service, Firewall as a service).
  • Increased integration and automation between and by various techniques in infrastructure through the application of APIs

  • Application of a central identity and access management solution with two factor authentication for a public/private application landscape

  • The expansion of existing private cloud to public cloud, cloud bursting and cloud migration

  • The future lies in intelligent networks, based on fabric technology

  • The adoption of advanced techniques for the benefit of endpoint protection

  • Security awareness training/sessions to get users who are aware and capable

  • Make use of relevant intelligence for detection and to make more efficient decisions in DNS, security gateway and application delivery platforms

  • Making shadow IT transparent and enforcing security policy for cloud applications by using Cloud Access Security Brokers (CASB) solutions

 

More on security



Enjoyed this article? Please share the news!

About the author

Erik Eggens is an allround journalist, editor, content creator and copywriter and takes a keen interest in mobile, finance and politics.

Connect with Erik on

LinkedIn, Twitter.