The past year has been characterized by dramatic transformation and a shift of engagement models from physical to digital. Relationships in the digital sphere need to be underpinned by trust – which can take a long time to accrue yet be easily lost. What drives trust between an organization and its employees, its partners, and its customers? Security is a core pillar, aligned with risk. Privacy and compliance are also of paramount importance. But ethics and sustainability or corporate social responsibility are also on the radar. To become a trusted digital business requires focus on multiple disciplines; however, without trust those fundamental business relationships will not thrive.

An IT device with an Internet connection is tried to be hacked every 39 seconds on average, but after the first successful move, the human attacker is still there to decide how to proceed. Artificial intelligence, on the other hand, will plan each step on its own and make decisions. It attacks continuously, 7/24 hours, in the most imperceptible way. Have there ever been attacks with the support of artificial intelligence? In which technologies can we encounter artificial intelligence? More and more manufacturers and researchers are developing a solution supported by artificial intelligence for defense purposes. What are the benefits of doing our business with the support of artificial intelligence and machine learning, and are there any dangers?

High-impact changes usually occur almost explosively in a short period of time. This is also true for technological change, innovation, or catastrophic cyber attacks that can change the future of companies and those who work there, from one moment to another.

In Árpád Hódy's presentation, you can learn from industry experiences, what different rules exist in war and why it is a real professional challenge to rebuild the company's entire IT system after loosing the war. And also to build castles in peacetime so that we only have to win battles, is still much more effective.

Suppose your company's endpoint protection is satisfactory. What is the reason for investing in additional solutions in addition? Too much to budget and spend?

Above all, the endpoint protection solution must pre-filter events fully effectively before more advanced solutions (e.g. EDR, Sandbox are included in the picture). The vast majority of threats need to be automatically identified at the earliest point in the counter-attack chain and the necessary countermeasures taken, and the smaller the overall impact of the threats on resources and the extent of the damage to our wallets. The majority of security incidents (approximately 90%) are immediately addressed by a good EPP solution and do not occupy either the EDR solution or security personnel who can focus on more advanced and therefore more dangerous threats.

What about the remaining, much more dangerous 10% of pests?

Interview with Ákos Hazslinszky, IT Director of the Buda Health Center

Like many other sectors, healthcare has been hit hard by the pandemic, accelerating the pace of digitalisation. We’ve never talked about health as much as we did last year. Even a decade ago, IT security was not the first thing to come to mind when it came to healthcare, but the blackmail attacks of recent years and the digital renewal of the sphere have also put the sector in the spotlight. How did the pandemic transform the sector? What strategy is being used to address IT security issues now, and what to expect in the future? Join the IDC Security Roadshow, where we talk to Ákos Hazslinszky, the CIO of the Buda Health Center.

Until recently, large companies used various cyber defense tools to address threats, leading to silo-like system operations.

This has increased the congestion, complexity and associated operating costs for professionals.

Nowadays, the complexity of the attacks has increased and it is important to understand the purpose for which we were attacked, whether there was an intrusion or possibly a data leak.

In our presentation, we show how in an inhomogeneous cyber defense network, automations can be used to reduce the workload and assist in the incident analysis required by large companies.

IT-OT convergence enables more direct control and more complete monitoring, with easier analysis of data from these complex systems, from anywhere in the world. This enables workers to do their jobs more efficiently and improves decision-making, as they have access to real-time insights that the date provides. However, the Industry 4.0 (digital) transformation raises a number of security issues arising from the convergence of these systems, primarily in the areas of visibility and control.

What does the security challenges below mean in practice from the perspective of a major market player in this field? The conversation tries to formulate answers to this in an understandable form.

- Malware infiltration via external hardware and removable media. ...

- Human error

- DDoS attacks and IoT-botnets

- Malware infection via Internet and Intranet

- Compromising cloud components

With the rise of work from home, hackers are also keeping pace, making it more essential to control access to company data in more detail, to properly combine authentication factors, and to properly encrypt data stored in different locations and manage keys in a consistent manner. The two areas are closely linked, with a presentation by two Thales experts covering users and the entire data lifecycle.

The presentation provides a brief insight into the differences in the tasks, responsibilities and scopes of the areas of IT security, IT operation and information security at Magyar Posta Zrt. It will highlight the conditions for effective and flexible cooperation between these areas; and present the conditions and plans for the optimal and efficient operation of the Security Operation Center in the present environment.

Secure Privileged Account Management Expanded with User Lifecyle Management

The new security paradigm is “Zero Trust,” a security model that constitutes a more data-centric and identity-aware approach that is designed to handle the new challenges of our “perimeter-everywhere” world. Zero Trust is driven by the precepts of never trusting anything inside nor outside the organization’s security perimeters. Rather, before access is granted, anything and everything that is attempting to connect to an organization’s systems must always be verified. With Zero Trust, the security team puts policies in place to validate every connection attempt and every device, and to intelligently limit access. During the presentation we will guide you through the 7 principles of the Zero Trust model.

Cyberspace now plays a crucial role in every aspect of our lives and it is the shared responsibility of a wide variety of actors, in their respective roles, to improve trust, security and stability in cyberspace. Building trust and security in cyberspace requires sustained global engagement and collaboration across key multilateral and multi-stakeholder dialogues. The Paris Call for Trust and Security in Cyberspace, establishing voluntary multistakeholder cybersecurity principles and commitments to further cooperation on meaningful rules of the road in cyberspace. This represents the largest ever multi-stakeholder group assembled to support a cybersecurity focused document. The panel discussion between the panellist from V4 countries will be focusing on the opportunities of this multistakeholder cooperation.