10 August 2022 Line

To protect your systems, you need all the information

Søren Egede Knudsen is CEO and IT/OT security Expert at Egede. He is also one of the keynote speakers at this years international industrial security conference the 15-16 November. Søren is currently working on an interesting and relevant research project within IT/OT security that will be announced soon.

 Before the conference and the big announcement, you can read an interesting interview with Søren here.

 

What is your background? And how do you work with industrial security on a daily basis?

Since I was young, I have been interested in electronics and computers. In the mid 90’s I was working with servers and at that time, I got introduced to firewalls. I believe it was BorderManager, but at that time it was not a fulltime job. Later, I worked as a Cisco specialist with networking and security. Since my first introduction to security, it has had my special interest and it has been a core part of my career as subject matter expert, as CTO, and as CEO. Since 2009 I have specialized in industrial networks and penetration tests. Today I am working as a consultant dedicated to cybersecurity in the industrial environments.

 

What do you see as the biggest opportunities and challenges in connection with cyber- and industrial security?

I believe the biggest opportunity is the openness, sharing of experiences and the process of understanding that industrial cybersecurity is critical and is not the same as cybersecurity in the “normal” IT sector.  Unfortunately, this understanding is only in some companies, but I believe there is a positive trend and will come to more and more companies in the industrial sectors.

The biggest challenge is the shortage of knowledgeable resources in the industry. In the IT sector there is a lack of cybersecurity resources, but when we talk about the industrial area, the problem is at least ten times as severe. Recruiting people who are knowledgeable not only in IT, but also in industrial networks, is critical for the industrial companies but it is very difficult to find people with this profile.

 

When looking forward just 5-10 years, what do you think will be different within security?

In 5-10 years, companies will be able to better understand and integrate the blue team and red team information into their cybersecurity protections. In addition, I believe that there will be a higher pressure on vendors to make software with less vulnerabilities. So, in short, changes will come in management, the technical personnel and the vendors.

 

Besides more funds for security, what do you think would make a difference in the industry?

Better understanding and communication between people: At board level, between the board and leadership, and between the leaders and the technical personnel. To be able to protect your systems, you need all the information, not just parts of it. This is no different from other areas of a business.

 

Do you want to hear more from Søren and his research project?

At the international industrial security conference, the 14-15-16 November in Copenhagen, Søren will give an interesting keynote presentation about his relevant research project. Join the conference to hear the big announcement. Join the international Industrial Security Conference. Read more here and sign up here.