Kerubiel is a privately owned company specializing in the provision of ICT, SECURITY and PRIVACY services

It is uncommon these days if companies are not attacked by malware. Securing data has become the biggest challenge in today’s business scenario, its very difficult to restrain cybersecurity threats that is hindering business performance and growth.

Taking this into account, we introduce you to Kerubiel Ltd who has many years of extensive experience both in the public and int the private sector, delivering complex solutions from scratch.

László György Dellei, Founder and CEO, will shed light on how they successfully deal with cybersecurity threats

Q. As a common person, explain some secure processes to avoid identity theft?

The key to prevent identity theft is in its definition. This is a crime where an onther person wrongfully uses someone’s personal data to commit fraud or deception, usually for certain benefits. Thus, to avoid such an event is you have to focus on 2 elements: the use of personal data and the security of such information.

It is utmost important that someone treats their personal data (i.e. information related to themselves) with the highest level of care. Do not dispose of your documents or digital devices without prior – and final – deletion or destruction. Be security-aware. Use different and complex password for different systems or platforms, and enable – where appropriate – 2-factor-authentication. Furthermore, if you finish your work in a system, log out and turn off the device to prevent prying eyes from accessing your profile, your data, or your documents. Avoid using unprotected connections which provide easy internet access for you, and easy access to your devices for anyone.Finally, if you get a suspicios mail from your bank (which demands immediate answer or the provision of your crucial bank account details, or which is written with grammatic mistakes) do not answer. Check the website of your bank, or even connect them for further clarification. Such a mail is surely a phising attempt that can cause you financial loss.

Q. If someone steals the server’s private key can they decrypt all previous content sent to that server?

Unless the attacked system applies forward secery (i.e.a system utilizing short lived session keys to do the actual encryption on transport layer security data), the attacker may use the compromised private key to decrypt captured data sent previously to the attacked server.

Q. What is the primary reason most companies haven’t fixed their vulnerabilities?

There can be several reasons. The first – and most common – one is that companies try save funds, for instance,by under-financing certain areas, such as cybersecurity. Many enterprises think that appointing a CISO that is tasked with operating its information security system is enough, and no further funding needed. The “you can manage it anyway” approach means that the CISO may only operate with wath they have, lacking the necessary monetary funds to further improve security. This is usually the situation until the company is attacked. Once such an incident happens, the company usually realizes its mistake and channels in resources which will only be sufficient for mitigating further risks and to prevent further damages.

The other – frequent – reason is that many companies think that they might avoid a cyber-attack. This can be described as the the “I am too small to be targeted” attitude, meaning that the enterprise always wishes that the so-called “big-players” are in the crosshairs of criminals. However, this attitude is false since cyber-criminals target everyone who lack proper defences. Even a simple webshop may be hacked in order to get bank card and bank account details, or for information that may be used to hack individuals (i.e. passwords and usernames).

Finally, it should be pointed out that a certain level of information security may be achieved only at a certain time, but it may not be enough later. Defense against cyber threats is a continuous exercise, measures applied shall be frequently re-evaluated, modified, amended, or reset. However, once security measures are applied, many companies act as if they have achieved all that could be done, andoperate without further caution. This “I have done everything” approach provides the false perception of security, and these companies will become more and more vulnerable over timeas their measures become less effective.

Talk about your professional solutions to help companies evade cybersecurity risks.

Kerubiel is a classic consulting company providing services in the field of IT and information security. Kerubiel specializes in services such as IT audits and information security counselling, developing complex cybersecurity systems based on ITIL and AI applications, and counselling on business continuity and disaster recovery plans. In so doing, Kerubiel utilizes IT standards, such as the ISO 27000 and the NIST 800-53 controls assessment.

Recently, the company has been focusing on Cyber Threat Intelligence software systems with Industrial Control System specifics. Kerubiel specializes in threat hunting activities to collect, analyze, and utilize data on possible attackers, methodologies, directions, motivations before, during and – in some cases – after the incident. In other words, we are applying dynamic protective measures to combat possible threats. Furthermore, our experts collect extensive information from various sources (such as the darknet, clearweb, etc.) to be able to feed our complex CTI system with sufficient intel. Thus, the company may search for entities in a targeted way on various platforms and forums. Finally, by utilizing honey pots and self-developed honey net construction, Kerubiel may gather information about methods, orientation, interests, and tools of an attacker, and to emulate a complete system corresponding to the characteristics.

In addition to software development, Kerubiel carries out independent intelligence activities based on data collection (ICS Threat Feed). The company performs various data collections, including SOCMINT activities, using a specialized methodology. Based on the intel thus gathered, our experts create specific databases (data lake) and apply AI-driven algorithms to process such data. Finally, Kerubiel utilizes black pots to reveal and investigate any attempts to attack the infrastructure of a company, their methods, and peculiarities. The information obtained can be used to strengthen existing SIEM and firewall systems.

Brief us about SOC as a service methodology.

A security operations center is usually considered an essential part of an effective information security strategy. However, building and operating a SOC is a complex and resource-consuming task for many companies. SOC-as-a-Service provides a solution for such a challenge: it is a subscription-based model (outsourcing) for managed threat detection and response thatdelivers all of the benefits of SOC in an effective way for companies of all sizes and activities. Its advantages are, for instance, rapid threat detection and remediation, lower cyber risks, anhancedagilityand scalability, and most importantly cost reduction.

Q. What is prominent about your security solutions and how satisfied are your clients?

Kerubiel offers specific security solutions to its customers in the following areas, among others: communication protection, eavesdropping protection, AI-based protection solutions and cyber threat intelligence. For instance Kerubiel can provide tailored, self-developed passive security solution to address classic threats such as eavesdropping, and  man-in-the-middle.

Kerubiel provides its services and solutions in a complex way, merging expertise from cyber- and information security with other areas, such as data security and data protection. For instance, one of our newest service specifically targets the automotive industry assisting the relevant actors to provide objective evidence of compliance with information security requirements. This is based on the Verband der AutomobilindustrietheTrusted Information Security Assessment Exchange (VDA TISAX) that provides common standards for information security and data protection measures fully conform with the GDPR and prototype protection requirements. 

Brief background of the dignitary

László György Dellei (MBA, C|CISO, CISA, CGEIT, CRISC, CDPSE, ISO27LA) is the founder and CEO of Kerubiel. He is an outstanding expert and professional in the fields of IT, information security, and privacy. He is also active in the Hungarian Chapter of ISACA, becoming the GDPR envoy of ISACA HQ in 2019, and the Privacy Spokesperson in 2020.

“Based on our knowledge and comprehensive field experience we are contributing at many influental international professional organisations like ISACA.”