CyberArts CEO Erdem Eriş explained CyberArts' vision, goals and developments in both global and local cyber security in an interview with CEO Life Magazine.
“WE CONTINUE TO MAKE ART IN THE CYBER WORLD”
A malware is produced every 15 milliseconds in the world and a cyber attack is carried out every 39 seconds. The damage caused by known cyber attacks to economies reaches 6.3 trillion dollars. There has been a great increase in attacks against and within Turkey in the last 3 years. Turkey has always been in the top 5 in the lists for the last 5 years. CyberArts CEO Erdem Eriş said, “During 2021, the acceleration of cyber security investments tripled due to the pandemic, digital transformation and in parallel. We continue to support large organizations in building sustainable cybersecurity strategies during this great transformation process.” siber güvenlik stratejileri inşa etmelerine destek olmayı sürdürüyoruz” diyor.
While cyber security was a subset of information technologies until 5 years ago, it has now turned into a universal cluster with 44 subsets. There is no business process that cybersecurity does not cut vertically. CyberArts CEO Erdem Eriş said, “In this process, we have seen that institutions need consultants with international experience in human resources, processes and technologies in order to build their sustainable cyber security strategies. We have also identified the need to blend the disciplines of cybersecurity, law, and governance for compliance frameworks. Large institutions need reliable companions on their digital transformation journeys who will manage all these like a conductor, do all their work with the meticulousness of an artist. And we meet exactly that need.” says. Stating that the pandemic, digital transformation and parallel to the cyber security investments tripled the acceleration throughout 2021, Eriş states that they are one of the companies that read early and correctly how the effect of the pandemic will change the attack surfaces and attack vectors, and in what direction it will shape their cyber security investments. He draws attention to the fact that they continue to make art in the cyber world with the cyber security services they offer and the new generation technologies they use in their projects during this great transformation process.
How did you set up CyberArts?
After my technical education in İzmir Science High School and Boğaziçi University Computer Engineering; During my 22-year ICT career, I had the chance to work as top managers in product, sales, marketing and business development positions in both domestic and international F500 companies. I founded CyberArts four years ago by adding the philosophy of "making art in the cyber world" on top of these experiences. The story of the CyberArts brand is interesting. I recommend you to read this story on our website.
What are your characteristics and goals that set you apart from others?
We serve Turkey's largest domestic and international institutions from different sectors such as finance, telecom, logistics, e-commerce, production, construction, marketing, technology, service textiles and the public. It is very important to be able to foresee the impact and sustainability of this decision on other business processes when making a decision in the institutions you provide consultancy on cyber security. Seeing this big picture; you have built a strategy that will encompass human resources, processes and technologies; Imagine that you bring together the disciplines of law, governance and cyber security and do all your work with the sensitivity of an artist. These are the key elements that differentiate us. On the other hand, as one of the founding members of the Turkey Cyber Security Cluster; In all our possible projects, we make positive discrimination to domestic cyber security technologies that have proven their maturity, have a global vision and are focused. From 2022, we plan to provide more support to domestic cyber security manufacturers and start our overseas expansion.
It is said that Turkey is among the top 5 countries that make and receive the most attacks. What are the precautions that Turkey should take in this regard in terms of cyber security?
There are 3 million malware attacks per minute and 1.6 million per year in our country. Corporate networks are attacked 200,000 times a year. Turkey has always been in the top 5 of the lists for the last 5 years, both in terms of exposure to cyber attacks and making cyber attacks. In 2020, it is the country most exposed to cyber attacks. Of course, being an active and remarkable country has an effect on this. On the other hand, we see the effect of the fact that we lag behind other countries in measures. The measures taken after the attacks, like "One misfortune is better than a thousand advice", of course strengthen our cyber security stance. However, the MBS (Musibet Based Security) approach in cyber security is unfortunately not an accepted approach in the world. Investments we avoid; When we experience an attack, it can return as a direct business interruption, much greater losses in total on the prestige and customer fronts. We should equip ourselves with domestic cyber security technologies, not see consultancy and service items as scratchable items in this field, and get rid of the calamity-based security strategy as soon as possible.
“CYBER SECURITY IS AT THE TOP 3 IN THE CEO AGENDA”
$6 TRILLION COST
The global cyber threat has become one of the top three topics on CEOs' agendas, with data breaches increasing in number and changing nature every year.
FAST MOVEMENT
Approaches and technologies that were valid a year ago can become garbage a year later, and technologies that you never expected can enter the list of the most important. Five years ago, when we said 'Antivirus is dead, welcome EDR', now we say 'EDR is dead, welcome MDR/ XDR'. Incident Response and Evidence Collection Enterprise Forensics, which was a reactive cyber security topic until 1 year ago, has now become an important technology that is used proactively, offering the chance to respond quickly to such intense attacks.
SASE AND ZTNA NOT VPN
Developed 30 years ago for secure remote connection, VPN, on the contrary, paves the way for many cyber attacks, while SASE and 2TNA, which are built on zero trust, find their place. In addition to regular penetration tests, we see that artificial intelligence and BAS technologies should be put into use. MFA is a must for both physical and digital inputs. IAM/PAM is no longer an option in authorization access control. DNS firewall is the rising trend in Web security in addition to WAF.
CONTROL AND FLEXIBILITY
NAC solutions that increase control; flexible, low-cost but more secure SD-WAN technologies; NDR monitoring network traffic; New generation DLP solutions capable of detecting and protecting personal data, data destruction technologies that have been newly discovered to be important for KVKK/GDPR compliance, threat intelligence platforms that provide brand protection, ASM that allows you to monitor your attack surface… Recent technological trends.
Source: CEO Life Magazine January-March 2022, Issue: 2022/01
