What solutions does EclecticIQ offer?
Dan Farache: EclecticIQ offers an intelligence management platform that allows you to consolidate different flows (open source, commercial or MISP), collect them, order information and correlate indicators of compromise, in order to associate a hacker with attack vectors. We then share those results with operational security teams so they can anticipate the next threat.
William Durand: At the moment, we are also expanding into other more conventional sectors of the market, such as analyzing data on the corporate network to detect threats there by combining data with intelligence.
How have cyber attacks become a major problem for companies?
GD: In security, we have long thought that we would protect ourselves from attacks by looking at network indicators. But there are too many false positives and too much data for analysts to process. For better security, you need to classify information, look at hackers’ modus operandi and flaws in the software or operating system.
GD: Today, telecommuting or data sharing offers a larger attack surface, with more ways to break into systems and multiple devices or entry points to protect. The attacks are more frequent and aggressive. The problem is the lack of collaboration. We are in a secret environment, companies do not want to admit when they have had infiltrations, which does not help to anticipate attacks.
FD: Hackers have industrialized their modus operandi. It has become easy to become a hacker by buying kits on deep and dark web forums. They share information about the vulnerabilities of companies, leaked data, while companies protect each other, without exchanging enough information in real time to protect themselves, because this can damage their brand image.
How has the government approach to cyberthreats evolved?
FD: EclecticIQ CEO and founder Joep Gommers is heavily involved in discussions with decision makers about cyber security laws. This is reflected in initiatives such as NIS, a European directive launched in 2016 to promote collaboration in order to protect member states. NIS 2 will be implemented in 2024 and will prompt more sectors to take concrete steps to share information. Initiatives are being launched, but there are not enough qualified people to fill these positions and we are still catching up.
This content was produced with SCRIBEO. The BFMBUSINESS editorial team was not involved in the production of this content.
Source: BFM TV