Kaloyan Vasilev, manager of the Bulgarian company, on the necessity for complex approach and awareness in cybersecurity
A contemporary company is well-protected only when its data, trade, production and finance assets, its future plans and its employees are safe. This is a truism, but how can we turn it into a working reality? CyberSecurity, a young Bulgarian company, is dedicated to the mission to offer complex solutions to companies and individual clients, and to increase the awareness of the dangers in the field and the ways to overcome them. Kaloyan Vasilev, manager, elaborates.
Why a company and even an individual client need complex cybersecurity services?
Until not that long ago having a computer running Windows and an office package was enough to do your job, but this is not the case anymore. In the past decade the IT technologies we all use boomed. A company now has a corporate web page, mail server, probably one or more apps, an internal network, servers, computers, smartphones etc. The company can hire different specialists to deal with this infrastructure or it can create a dedicated IT department. his could do the job, but it is far from guaranteed. It is not enough to create a service. In order to protect it adequately, you need to know it well. This is what we offer. We create services and protect them so that you can use them securely.
The situation with individual clients is similar. There we talk about access to services with sensitive customer data. You do not want someone to read your email, browse through your photos, access your bank account or manipulate the way you think.
What is more important for cybersecurity to work - the technologies and software used or customer awareness?
Both are important. Installing an expensive anti-virus programme is far from enough to protect you. Old systems are unable to update and anti-virus programmes cannot compensate the gaps in their security. In the majority of cases the software is old, missing updates and the used crack itself is a virus that adds more security gaps to the ones that already exist in the old and antiquated version.
Lack of customer awareness is a serious danger that should not be underestimated. At the moment we are experiencing a boom of phishing emails. Some people click on the fake links and are hacked. This is lack of awareness.
Even complex IDS/IPS systems cannot protect your services if you are unaware of the threats of cyberspace.
How can you help?
We do not rely on everyone becoming security expert, that is why we offer segmented trainings and conscription programmes. You will learn different things if you attend a training as a private citizen or as an employee. If you participate as a business, you will receive support for all services that your company uses. As a consumer you will have security for your sensitive data.
Currently, due to the lockdown and the convenience of home office, remote access to company resources has become very popular. This is one of our key services. We build secure a connection between the company's network and the remotely located employees.
Imagine that I own a small or mid-size company. What solutions will you offer to me?
We will start with employee training. It is crucial that everyone knows what to expect from and how to react in key situations. As I already mentioned, we have specialised courses in accordance with the responsibilities of the employee's position in the firm. When we are sure that everyone knows what rules to follow, we will analyse and reorganise your resources to that they become secure. In some cases this includes physical reorganisation of the equipment. The next step will be to include you in an appropriate conscription programme that will keep your services functioning and protected. Our solutions are tailored to the specific business and include services such as regular security checks, malware checkups, access management etc. This will cover all IT services your company uses.
And as an individual customer at home?
Our trainings for individual clients offers alternatives to the free software downloaded from torrent trackers and will prepare you for the dangers of cyberspace. We will present you with real-life threats so that you can see how they operate. You will understand why criminals hack you, what the consequences can be and why "I have nothing to lose" is an old cliche.
We also offer a suitable conscription service. We will take care that you use legal, up-to-date software and that you and only you have access to your personal data.
On 1 March 2020 you started a campaign for free security checks for small and mid-size companies. What is the campaign's aim?
It aims to improve cyberculture and cybersecurity in Bulgaria. A significant part of the small and mid-size business is exposed to dangers as it relies on basic knowledge in configuration and building of equipment and services. It relies on the same basic knowledge in their use. This is not the right approach and it does not correspond to the good practices in the field. We want to show that a business can be protected without restrictions and wasting significant amounts of time and resources. We hope that this will allow us to also reach individual clients and to help them increase their interest in their own safety and to improve their cyberculture. This will improve the overall situation in Bulgaria as well.
According to ITU (International Telecommunication Union), Bulgaria's GCI (Global Cybersecurity Index) for 2018 was rockbottom in Europe and in the EU. I hope the situation will improve and we will climb at least to the average EU level. Bulgaria is one of the EU countries with the fastest development of the IT sector, which means that we are educated. We do not deserve such position in cybersecurity rankings.