Energief’s prevention advisers see things from a risk perspective every day. The company did not wait for a wake-up call before boosting its cybersecurity. “I am an early adopter in the IT field, but technology is evolving rapidly and becoming so complex that cybersecurity has become a profession in its own right,” says Energief founder Yves Peeters. He decided to enlist the Netcure experts and followed a cybersecurity improvement programme.
Peeters and his staff at Energief don’t need to be convinced of the importance of cybersecurity. “We are prevention advisers; we are concerned with security every minute of every day. We constantly look at things from a risk perspective, we see dangers where others do not. We are always on guard, always alert. It’s in our DNA. I constantly have to restrain myself at home. I can honestly say that there is a real security culture at Energief. But even then, it’s difficult not to fall into cybercriminals’ traps. Mail addresses with one letter changed are easily overlooked. A moment of inattention, that’s all it takes for people with bad intentions. That’s why it’s important to protect your systems for these moments. Technology and culture go hand in hand.”
No incidents yet
“We have not had a cybersecurity incident yet. And we intend to keep it that way. Hence the improvement process we have now embarked on. We’re well aware of the importance of prevention and don’t want to wait for a painful wake-up call before taking action. Many other companies do wait until it’s too late. I sometimes compare cybersecurity with accidents at work. All companies now have prevention policies in place. Yet, it has taken companies too long to realise that, in addition to the obvious physical damage and corresponding financial consequences, a workplace accident can also cause a great deal of damage to your reputation.” Energief contacted cybersecurity expert Netcure.
Netcure’s Marketing Manager Anneleen Lenaerts sees companies still underestimating the impact of a cybersecurity incident. “It actually starts with underestimating the risk. “How stupid can you be?”, they laugh when it happens to a competitor. Or: “We’re just a small fish, cybercriminals aren’t interested in us.” Double wrong, because those cybercriminals throw out lines all the time and they just wait for a fish to bite. No matter where it is, how small or large it is. And make no mistake, when the cybercriminals get your bite, they show no mercy.”
General practitioners and heart specialists
Energief didn’t need a wake-up call, but was primarily looking for technological expertise, according to Peeters. “I am an early adopter when it comes to computers. I like to dive into things, I personally built the IT solutions Energief is currently using. We also share these applications with our clients, so they need to be watertight. I do feel that I am reaching my limits now. My IT knowledge is too restricted. Technology is evolving rapidly, becoming increasingly complex and sophisticated. Cybersecurity has become a profession in its own right.” “Cybersecurity today goes beyond the competence of many IT professionals and many IT teams,” confirms Lenaerts. “I sometimes compare it with a general practitioner and a heart specialist. A general practitioner knows a lot about heart problems and heart disease, he can detect the risks. However, he will refer you to a specialist for further examination, diagnosis and possibly treatment or surgery.”
“Cybersecurity today goes beyond the competence of many IT professionals and many IT teams”Annelies LenaertsMarketing Manager at Netcure
“We always start with an audit to expose gaps in the IT systems. Once we’ve found them, we can offer a solution to close those gaps in the defensive wall. Every journey begins with prevention; prevention is better than a cure. The second step is detection. A cyber-attack doesn’t usually happen overnight; cybercriminals spend an average of 60 to 200 days preparing for an attack. So you still have time to counter the attack, but you need to have systems in place that will warn you in time if there is a break-in. The third and final step is remediation: repairing the financial loss and damage to your reputation quickly if a breach does occur.”
Making the right choices
The cybersecurity improvement project at Energief has only just started, explains Peeters. “We are still in the analysis phase. However, the analysis has revealed a number of quick wins, which we are already implementing. First, we’re taking care of our basic protection. This first layer is crucial because it blocks out a lot already. Still, cybersecurity is a work in progress. Netcure’s expertise helps us stay up to date with new trends and evolutions. It’s impossible for a small company to keep track all by itself
“The financial support from VLAIO was the decisive factor for us in taking a more thorough look at our cybersecurity once and for all. Netcure’s experts contribute their expertise to deciding how the available budget can be used in the most effective way. We are a young SME, our resources are not endless, so we have to make choices. Netcure helps us to set the right priorities and make the right choices.”
Would you like to find out how sensitive your company is to these practices? Contact us for a free check-up and advice.