Intelligent CISO Issue 61 | Page 33

We must consider that attack vectors can simultaneously come from multiple actors who are attacking the victim with different goals in mind .

PREDICTIVE INTELLIGENCE

NetWitness expert on the changes of the NIS2 Directive and how to achieve real protection

As organisations attempt to protect against cyberthreats , understanding cybersecurity frameworks is a critical initial step . Stefano Maccaglia , EMEA Practice Manager Incident Response at NetWitness , discusses the NIS2 Directive as well as the expanding categories of threat actors and how their practical approach towards cyber incidents differs from other vendors .

oOne of the key changes in the NIS2 Directive is the inclusion of new cybersecurity incidents that operators of essential services ( OES ) and digital service providers ( DSP ) must report to the relevant authorities – can you clarify which category has been added ?

Firstly , they have expanded the number of categories in terms of market verticals to include categories like food production services and companies . The [ NIS2 Directive ] goal was moving from the digital environment to everything that is critical for the existence of the industry ’ s income and digital civilisation , and this covers sectors like energy , transport , food and even aerospace .
These already integrated categories were improved and new ones like water purification systems were added . Today , every utility is included within the NIS2 compared to the previous directive .
Do you think these categories are relevant and the overall set of categories is enough to address the most frequent attacks and more importantly the critical ones ?
Potential victims agree that NIS2 is tackling their challenges and there is a reasonable amount of new market verticals . But from the attacker ’ s perspective , there is still a lot to do as actual categories focus on basic cybercriminal activities that are predominant today .
NIS2 does not precisely target the cyber espionage war that is operating with sophisticated actors , and we need to extend definitions , categories and methods to tackle these artists effectively .
We need more precision with these types of trends as some actors are state-sponsored attackers . This ongoing conflict raises the number of potential exposures to critical services and can be used as leverage to create trouble in other countries .
On a global scale , do you notice a change in cybersecurity approach ?
An ecosystem has been built from the cybercrime world in the last few years .
Stefano Maccaglia , EMEA Practice Manager Incident Response at NetWitness

We must consider that attack vectors can simultaneously come from multiple actors who are attacking the victim with different goals in mind .

There is an evolution of actor categories and the cybercriminal world is polarising towards ransomware .
However , as more actors are becoming ready to sell their services compared to the past , this creates a change in the overall underground communities and heavily impacts the cybersecurity world . We must consider that attack vectors can simultaneously come from multiple actors who are attacking the victim with different goals in mind .
There is a general change in attitude towards the cybercrime environment regarding threats to more techniquebased attacks . There have been some exploitations in recent years but no major changes , so we must not be led www . intelligentciso . com
33