Webmail

De Slimste Cyberexpert 2024

Ctrl+Alt+Defend! 

Heeft Cyberbeveiliging voor jou geen geheimen?

Welke IT’er speurt hackers sneller op dan zijn schaduw en kent alles over Blackhats, Deepfake, phishing, NIS2, ...?

 

Sinds 2022 gaat Telenet Business jaarlijks op zoek naar de Slimste Cyberexpert. In oktober 2024 konden cybersecurity- en IT-professionals opnieuw naar de titel dingen door deel te nemen aan een online wedstrijd waarin hun kennis getest werd.  

Proficiat aan de winnaars van de Slimste Cyberexpert 2024

Annelore Van Eeghem

ICT Manager
Ziekenhuis Vitaz

Ringo Deloof

IT Specialist
Founder & Owner Deritron 

Brecht Vermeer

Security Specialist
Europees Parlement

De 20 vragen en antwoorden

  1. Question: Which malicious hacker group in the world was dismantled in an international police operation in February 2024?
    Answer: Lockbit.

  2. Question: CrowdStrike Falcon sensor caused a Blue-Screen of Death (BSOD) on Windows machines because of:
    Answer: Gaps in the testing process at Crowdstrike.

  3. Question: What is the most successful subject for a phishing email in 2023? *
    Answer: HR: Important: Dress Code Changes.

  4. Question: Deep fakes are a big threat for companies, what is the biggest successful attack known? (until  01/09/2024)
    Answer: CFO Fraud for 25 million dollar.

 

Source: KnowBe4

  1. Question: What does TTP stand for in the context of Threat intelligence?
    Answer: Tactics, Techniques, and Procedures.

  2. Question: Often called the next big thing, hackers are targeting the production environment. How is cybersecurity called in that domain, when referred to in relevant standards?
    Answer: IACS Cybersecurity.

  3. Question: The NIST CSF 2.0 framework defines 5 core functions of cybersecurity. Where is MFA?
    Answer: Protect (Access Control).

  4. Question: What does VCaaS mean in a cybersecurity context?
    Answer: Voice Cloning as a Service.
  1. Question: Which change (amendment) was added this year (1/2/2024) to the ISO270001 standard?
    Answer: Climate action.

  2. Question: A CISO receives a message from the CCB that his company is being targeted by hackers. The first step the CISO must take is:
    Answer: Immediately inform management of the increased risk.

  3. Question: Regarding NIS2, who in the board of essential or important entities, has to be trained on cybersecurity to insure the right decisions are taken
    Answer: All members of the board need to follow a training on the basics of cybersecurity.

  4. Question: Belgian NIS2 law has obligations for operators of industrial assets in important and critical companies. The most appropriate set of standards related to IACS is IEC 62443. What statement is the most correct?
    Answer: The most relevant IEC 62443 standard for EU NIS2 is IEC 62443-2-1 security program requirements for IACS asset owners.
  1. Question: What is the difference between a SIEM and a SOAR?
    Answer: A SIEM collects data from various sources and identifies suspicious activities. A SOAR uses this data to automatically take actions.

  2. Question: Which threat is least likely to be based on AI technology?
    Answer: Insider threat.

  3. Question: What makes Data Loss Prevention (DLP) very difficult to implement correctly in an organization?
    Answer: The complexity of accurately identifying and classifying sensitive data.

  4. Question: What is one of the biggest challenges for cybersecurity experts when implementing quantum cryptography?
    Answer: The cost and complexity of quantum hardware and infrastructure.
  1. Question: What is the purpose of a "rainbow table"?
    Answer: A technique to crack hashed passwords.

  2. Question: With which technique is it NOT possible to decrypt SSL traffic during a Man-in-the Middle attack?
    Answer: Dictionary attack.

  3. Question: What is NOT a risk of typosquatting?
    Answer: Cybercriminals can approach people directly with requests to invest in crypto coins.

  4. Question: In an industrial environment we refer to the MITRE ICS Matrix that contains a list of often used techniques for Initial Access. Which of the belows techniques are most often used by hackers?
    Answer: T0822: Exploitation of Remote Services.

Met dank aan het expertenpanel

Deze Slimme Cyberexperten hielpen ons de wedstrijd samen te stellen.

Marc Vael

President SAI.BE CISO Esko

Karolien Dewit

Cyber Security Manager Brussels Airport

Alexandre Pluvinage

Head of Anti-fraud and Online Security Awareness ING

Patrick Coomans

Global Product Owner Cybersecurity Vinçotte (part of KIWA)

Bereid je voor op NIS2!

De NIS2 regelgeving is sinds 18 oktober van kracht. Ontdek welke stappen je moet nemen op basis van jouw bedrijfsgrootte en -behoeften om te voldoen aan NIS2.