Interview with Tom Van de Wiele, Principal Security Consultant, F-secure
You cannot defend yourself if you don’t know what you are supposed to defend. Companies working with critical infrastructure use many third parties and contractors, making it is easy to lose the overview. If you lose the overview, it is impossible to defend yourself.
At the SCADA conference on the 14th and 15th of November, F-secure will be represented as an exhibitor and furthermore, Tom Van de Wiele, Principal Security Consultant at F-secure, will be one of the speakers. He will focus on the most common problems F-secure come across when they do security consultancy and security testing for companies working with critical infrastructure.
Insight inspiration on how to solve or manage security problems
Tom Van de Wiele hopes that the delegates will recognize some of the problems that he will be focusing on. Furthermore, they will get the chance to gain some new insight inspiration in the ways that F-secure have seen companies solve security problems or manage some of the problems that cannot be solved completely. “Some of the risks that we are talking about, are risks that you cannot really prevent. However, there are ways of mitigating these by addressing some of the root causes rather than the symptoms”, he says.
The importance of acting before a security breach happens
According to Tom Van de Wiele, not many changes has been made over the last few years – at least not in Denmark. The only change is that more cost cutting has taken place while more risks have arisen, which is not a good trend. “Unfortunately, for the major of the companies working with critical infrastructure, they only act when something big and bad happens. Here, it is very hard to raise any kind of flag if companies are not interested in any kind of security testing or any kind of due diligence on their processes”, he emphasizes.