Frederic Saint-Joigny is Skybox Security’s VP of EMEA. He brings over 20 years of cybersecurity expertise to the company. He enjoys sharing his perspective on some of the biggest cybersecurity challenges within the region and why organizations need to rethink their security programs.
Skybox Security: What are the biggest cybersecurity challenges in EMEA right now?
Frederic Saint-Joigny: The security surrounding cloud services is currently one of the biggest challenges for organizations within the region. Pretty much every country has rules in place that forbid the export of sensitive data outside of the country. At the same time, there is a steady move towards cloud infrastructure. This is particularly true within the public sector, where there are state-mandated requirements to migrate to the cloud. This means that cloud providers need to have hubs within each country to ensure compliance with regulations. Cloud vendors need big networks – and that means a lot of ingress and egress points.
Pair this with the changes that we’ve seen over the last year. With everyone working remotely, attack surfaces have rapidly expanded. Prior to 2020, only a few employees were working remotely and accessing the corporate network via VPNs. That’s all changed. The vast majority of the workforce is still remote. And the applications that they’re using today to maintain continuity are based in the cloud. But what controls do organizations have over these applications? How can they be confident that they’re not introducing new risks?
Every day, I see something new in the press, whether it be a data breach or something more serious, such as the ransomware attack that hit two hospitals in France earlier this year. These attacks were so severe that computers were turned off, paper systems were introduced, and surgeries had to be paused. In this instance, cybersecurity was a matter of life and death. So, it needs to be taken seriously – Emmanuel Macron’s promise to invest €1 billion in a national cybersecurity strategy reflects this.
SS: Are governments within the region doing enough to improve security posture?
FSJ: Looking just at the EU, you can see that there has been some progress in recent years, with GDPR as one example. Ultimately, however, the regulations that governments provide are usually outpaced by increasingly sophisticated threat actors. Organizations need to understand their risk posture and take responsibility for their security because they understand the net benefits of a robust cybersecurity program, not just because they feel like they need to make changes out of obligation.
SS: Have you seen a shift in the way that organizations perceive cybersecurity over the last year?
FSJ: Network and security architecture has dramatically changed. The cybersecurity leaders at the organizations that I’ve spoken to over the last year are acutely aware of this. And they know that they have to consider this change when developing ongoing strategies.
I believe that the way we work has changed forever. In the future, we won’t go back to square one. There will be a hybrid balance between remote work and working from the office. This also needs to inform decisions that are made around improving security posture.
We have seen the network perimeter vanish. We know that the skills gap is only growing wider. Using the recent attacks in Europe as just one example, we see threat actors will not relent anytime soon. Now, I’m seeing leaders work to establish a new focus that will enable them to cope with disruption. Whether that involves building an internal SOC or outsourcing to MSSPs, it also requires the ability to gain visibility of the entire attack surface and access insight that informs proactive decision-making.
Recently, I was talking with a CISO. He told me that his business has millions of vulnerabilities and that he wanted to narrow them down to hundreds. That’s the focus that he wanted. He needs to understand how to reduce risk, establish a balance between risk and reward, and understand any issues within his network. That’s what Skybox provides.
SS: Was this one of the motivating factors behind your decision to join Skybox?
FSJ: Definitely. Another big motivator was the key role that Skybox plays in addressing compliance issues within large environments. Large organizations have masses of technology. They will usually be working with a minimum of around 35 different security technologies and vendors, with a lot of overlap. Looking at Security Policy Management (SPM) tools alone, they usually use dual technology, and sometimes they’ll even have three similar technologies that might have come from various mergers or acquisitions. Across all technologies and applications, there will be tens or hundreds of thousands of rules. How are they supposed to manage all of that? Especially when they experience high employee turnover and are forced to work with lots of contractors. It’s a real problem.
These organizations know that they need to rationalize their technology. They have too much to patch and too much to support. Skybox helps with that. The Security Posture Management Platform integrates into the broader ecosystem. It aggregates data across the environment, providing security leaders with the insight, visibility, and predictability that they need.
SS: What new opportunities do you see for CISOs in 2021?
FSJ: 2021 can be a year of positive change for CISOs. One of the outcomes of the pandemic is that security has become a business concern. Previously, CISOs may not have had a budget. In some cases, they were just expected to set security policies. This was because cybersecurity used to be cut and dry – years ago, security teams could just apply a firewall to prevent a brute force attack. But attackers are much more cunning than they used to be. They take their time. They’re well-financed and organized and are adept at hiding under the noise. Now, the business understands this. CISOs have become decision-makers – they have a seat at the table.
With this influence, leaders can transform their security programs. They can address their most pervasive issues. Throughout all of the last year’s disruption, there’s one change that should be celebrated: The CISO is finally in the driver’s seat.