Webmail

Le Meilleur 

Cyberexpert 2024

Ctrl+Alt+Defend !

La cybersécurité n'a pas de secrets pour vous ?

Quel informaticien traque les pirates plus vite que son ombre et sait tout sur les Blackhats, les Deepfake, le phishing, NIS2, ... ?

 

Depuis 2022 Telenet Business part annuellement à la recherche du Meilleur Cyberexpert. En octobre 2024, les professionnels de la cybersécurité et de l'IT ont à nouveau pu batailler pour tenter de décrocher le titre en participant à un concours en ligne. 

Félicitations aux gagnants du Meilleur Cyber​​expert 2024

Annelore Van Eeghem

ICT Manager
Hôpital Vitaz

Ringo Deloof

Spécialiste IT
Founder & Owner Deritron 

Brecht Vermeer

Security Specialist
Parlement européen

Les 20 questions et réponses

  1. Question: Which malicious hacker group in the world was dismantled in an international police operation in February 2024?
    Answer: Lockbit.

  2. Question: CrowdStrike Falcon sensor caused a Blue-Screen of Death (BSOD) on Windows machines because of:
    Answer: Gaps in the testing process at Crowdstrike.

  3. Question: What is the most successful subject for a phishing email in 2023? *
    Answer: HR: Important: Dress Code Changes.

  4. Question: Deep fakes are a big threat for companies, what is the biggest successful attack known? (until  01/09/2024)
    Answer: CFO Fraud for 25 million dollar.

 

Source: KnowBe4

  1. Question: What does TTP stand for in the context of Threat intelligence?
    Answer: Tactics, Techniques, and Procedures.

  2. Question: Often called the next big thing, hackers are targeting the production environment. How is cybersecurity called in that domain, when referred to in relevant standards?
    Answer: IACS Cybersecurity.

  3. Question: The NIST CSF 2.0 framework defines 5 core functions of cybersecurity. Where is MFA?
    Answer: Protect (Access Control).

  4. Question: What does VCaaS mean in a cybersecurity context?
    Answer: Voice Cloning as a Service.
  1. Question: Which change (amendment) was added this year (1/2/2024) to the ISO270001 standard?
    Answer: Climate action.

  2. Question: A CISO receives a message from the CCB that his company is being targeted by hackers. The first step the CISO must take is:
    Answer: Immediately inform management of the increased risk.

  3. Question: Regarding NIS2, who in the board of essential or important entities, has to be trained on cybersecurity to insure the right decisions are taken
    Answer: All members of the board need to follow a training on the basics of cybersecurity.

  4. Question: Belgian NIS2 law has obligations for operators of industrial assets in important and critical companies. The most appropriate set of standards related to IACS is IEC 62443. What statement is the most correct?
    Answer: The most relevant IEC 62443 standard for EU NIS2 is IEC 62443-2-1 security program requirements for IACS asset owners.
  1. Question: What is the difference between a SIEM and a SOAR?
    Answer: A SIEM collects data from various sources and identifies suspicious activities. A SOAR uses this data to automatically take actions.

  2. Question: Which threat is least likely to be based on AI technology?
    Answer: Insider threat.

  3. Question: What makes Data Loss Prevention (DLP) very difficult to implement correctly in an organization?
    Answer: The complexity of accurately identifying and classifying sensitive data.

  4. Question: What is one of the biggest challenges for cybersecurity experts when implementing quantum cryptography?
    Answer: The cost and complexity of quantum hardware and infrastructure.
  1. Question: What is the purpose of a "rainbow table"?
    Answer: A technique to crack hashed passwords.

  2. Question: With which technique is it NOT possible to decrypt SSL traffic during a Man-in-the Middle attack?
    Answer: Dictionary attack.

  3. Question: What is NOT a risk of typosquatting?
    Answer: Cybercriminals can approach people directly with requests to invest in crypto coins.

  4. Question: In an industrial environment we refer to the MITRE ICS Matrix that contains a list of often used techniques for Initial Access. Which of the belows techniques are most often used by hackers?
    Answer: T0822: Exploitation of Remote Services.

Merci à notre panel d'experts

Les Cyberexperts ci-dessous nous ont aidés à organiser le concours.

Marc Vael

President SAI.BE CISO Esko

Karolien Dewit

Cyber Security Manager Brussels Airport

Alexandre Pluvinage

Head of Anti-fraud and Online Security Awareness ING

Patrick Coomans

Global Product Owner Cybersecurity Vinçotte (part of KIWA)

Préparez-vous à NIS2 !

La directive NIS2 est entrée en vigueur le 18 octobre. Découvrez les étapes à suivre en fonction de la taille de votre entreprise et de vos besoins afin d'être confrome à NIS2.