Global Security Mag : What will you be presenting at Les Assises de la Sécurité event?

Florent Embarek : This year, we will be taking advantage of the Security Conference to discuss with the organisations present their current concerns, which have been partly affected by the health and economic context that we have been experiencing for over a year now.
BlackBerry currently secures more than 500 million devices, including more than 195 million vehicles currently on the road. We use Cylance’s AI and Machine Learning and offer businesses and organisations a preventative - and end-to-end - approach to cyber security. It is important for us to stay on top of needs and demands to ensure the best possible protection of our partners’ sensitive data and assets.

Global Security Mag : What will be the theme of your conference this year?

Florent Embarek : This year our experts and customers will meet in a workshop on Thursday 14 October at 10:00am, entitled: “Security & Hybrid Work: how Cylance’s predictive AI can secure all your endpoints and mobiles”.
With the exponential increase in the number of threats and the explosion of the attack surface caused by teleworking, it is imperative for companies of all sizes to have a complete arsenal of protection. We will review the different building blocks of the new BlackBerry CyberSuite platform (EPP, EDR, XDR, MTD, UEBA, MDR, and Zero trust) and present how Cylance’s predictive AI can prevent and stop the spread of an attack.

Global Security Mag : What are the main threats you could identify in 2021?

Florent Embarek : 4 years after the wave of WannaCry and NotPetya ransomware attacks, the world is once again facing a record year of cyber-attacks in 2021. The COVID-19 pandemic has led to a dramatic increase in the number of cyber-attacks worldwide and the democratisation of Crimeware-as-a-Service models now representing an extremely high threat.
Regularly, whether personal or professional, the leakage of large quantities of data (ransomware, data theft, espionage, phishing, etc.) makes the headlines: ever more numerous and increasingly sophisticated and targeted attacks.
Even if some of these attacks have affected large companies (such as Kaseya, Colonial Pipeline, JBS meat Packaging or Acer for the most publicised), other lesser-known attacks have generated significant profits for hackers. From multinationals to small businesses, no type of company has been spared - not even hospitals and medical centres of first necessity.
Through our Research & Intelligence Team, we constantly monitor trends in cyber attacks. We have been able to identify and track the techniques and methodologies of many cybercriminal groups such as Bahamut, CostaRicto, Phobos Ransomware, Lockbit 2.0 Ransomware ou encore RansomEXX Ransomware.

However, there were a few key trends that stood out in 2021:

• Cybercriminal groups have experienced a year of unprecedented growth, with unscrupulous actors and organisations outsourcing their cyberattacks. As a result, Ransomware-as-a-Service techniques are more popular than ever, gradually replacing traditional ransomware attacks (out-of-the-box kits, spam campaigns or threat emulation software).
• The targeting of ransomware attacks has gone from anarchic to extremely precise, notably through the deployment of compromised MSSPs.
• Emotet, the banking Trojan (turned into an attack platform) has received new updates and features, including a vulnerability that allowed BlackBerry researchers to easily identify it and prevent it from being installed on systems.

Please see the BlackBerry 2021 annual report, available here: https://www.blackberry.com/us/en/forms/enterprise/report-bb-2021-threat-report.

Global Security Mag : What about the needs of companies?

Florent Embarek : Companies and organisations are more than ever in need of expertise and automated solutions to respond to increasingly complex and sophisticated threats. The number of attacks is increasing exponentially as is the attack surface (mobile, IoT, etc.). Obsolete environments are potential entry points to the company’s IT system and its sensitive data. Hackers, on the other hand, are relentless: it is therefore imperative for companies to remain constantly vigilant.
However, they face a major problem: the lack of resources. For too long, the sector has been experiencing difficulties in recruiting talent and security experts. Vendors must be able to provide them with the most automated solutions possible, allowing them to reduce the "noise" (i.e., the security alerts that must be processed by their teams).

Global Security Mag : How will your strategy evolve to address these issues?

Florent Embarek : Our combined expertise in the management and security of all terminals is unique. We support all types of companies and organisations, from SMEs to multinationals. Our strategy is to connect, secure, and manage every endpoint in the Internet of Things. Beyond a secure enterprise or secure building, we think about building critical infrastructure, securing utilities, automotive safety, and securing the end consumer themselves. BlackBerry protects business, endpoints, and people, with smarter security solutions that are more effective and require less resources to support, that produce a better return on investment for their users.

With the pandemic, telework and its security have become essential today. How do you integrate these principles into your company and your offer?

Florent Embarek : Very good question! This is indeed the subject of our workshop this year!

What advice do you have on this matter, and more generally on how to limit the risks?

Florent Embarek : The need to be equipped with an antivirus on one’s workstation is no longer in question.
Users remain the prime target of attackers. Human beings are curious by nature: clicking on a link, downloading software, inserting a USB key, opening an attachment from an unknown sender... so many actions leading to the infection of work or mobile doors.
Increasing the level of protection on endpoints means being closer to the user and often anticipating a cyber attack.
Companies need an effective solution that does not depend on updates and that does not penalise machine performance: this is what we offer!

Global Security Mag : Finally, what message would you like to send to CISOs?

Florent Embarek : We have always encouraged our customers to think beyond traditional solutions, to reduce complexity and to limit the cost of security: they are aware of this after having tested all our solutions...
A new approach is possible: meet our teams from 13 to 17 October to discuss it together!

– More information:fembarek@blackberry.com