By Megan Lupton, Senior Content Executive, Champions Speakers
From one of the most wanted hackers to being featured in the Top Trending Ethical Hackers list, Greg van der Gaast has been on both sides of the fight against hackers. In this exciting interview, he reflects on the UK’s biggest cyber threat and reveals what he believes to be the next big style of cyber-attack.
In your opinion, what is the biggest cyber threat the UK faces?
“Everyone will say ransomware, but ransomware is basically a payload; it’s a way of monetising a breach. I think the really shocking thing is the way companies get breached, the way that people get in the door, because it really hasn’t changed in the 25 years that I’ve been doing this.
“People are still not building systems properly, they’re still not maintaining them properly, they’re still not doing asset inventory. They’re not patching properly, they have poor processes, they have a lack of consistency in processes. You’re basically living in a house with a thousand doors and a thousand windows, and some constantly being left open – that’s how people get in.
“For large businesses and organisations, you need a holistic and business-aligned security approach that’s truly proactive and in line with the business, in line with how things actually work. Then, you come up with effective, sustainable ways of doing things rather than the security status quo, which is just ‘buy another tool’.”
What would you say is the weakest link in the cyber defences of a business or organisation?
“Everyone says people – ‘people are the weakest link’ – but they’re also your first line of defence.
“It’s, in a word, sloppiness. Lack of maturity, lack of processes, lack of integration, not having that full holistic view of your environment. But also, your IT and your security not understanding the business processes themselves, not knowing what there is to protect. Those are the real issues.
“You hear a lot about ‘Dave from Marketing clicked an email and that’s how everything went wrong’. He clicked on an email, so an attacker had Dave’s level of access on his laptop.
“But… how did they get the admin? Because you hadn’t configured that laptop properly. And how did they get through your VPN? And how did they get through your firewall? Because you hadn’t updated the firmware, you hadn’t changed the default password.
“Let’s blame it all on Dave from Marketing, instead of the security and IT teams who didn’t do their jobs.”
What do you predict will be the next big style of cyber-attack?
“Ransomware is very disruptive, we’ve got more and more critical infrastructure being hit. I think that’s going to continue to grow, continue to scale up.
“We’re still not taking the problem seriously. We usually just blame an intern and go from there. I think someone told me that T-Mobile has been hacked six times in the last three years… that’s probably a bad sign.
“I think it’s going to be a bit more of the same, but it’s going to get more and more damaging. The scale of things will get worse and worse.”
This exclusive interview with Greg van der Gaast was conducted by Mark Matthews.
About the Author
Megan has managed the internal content for Champions Speakers since 2019 when she joined the company as a Digital Copywriter. In 2020, she progressed to Content Executive and only a year later, Megan was promoted to Senior Content Executive, where she now manages the Champions Speakers YouTube channel and PR outreach.
Continuing her passion for writing, Megan started a PhD at De Montfort University in October 2021. She previously earned her Bachelor of Arts in Film & Creative Writing at the University of Essex and her Masters of Arts in Creative Writing from Teesside University. In her current course, Megan is studying the ethics of such digital forms as podcasts and is conducting metafictional research on the creative process.
In her role, Megan has interviewed several exciting names including Dr Alex George and Sir Mo Farah. She is particularly passionate about LGBTQ+ pride and female empowerment, digital media and journalism – topics Megan enjoys writing about at Champions and researching for her PhD.
;
We are in our 11th year, and Global InfoSec Awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.