1. Please introduce yourself. How do you deal with cybersecurity daily ?
My name is Maarten Van Horenbeeck, I’m from Belgium, and a Board Member of the Forum of Incident Response and Security Teams (FIRST), an international association of security teams at over 500 governments, corporations and universities. I’m also the Chief Information Security Officer of Zendesk, a Software-as-a-Service CRM and customer experience vendor based out of San Francisco. There I am responsible for cyber and physical security of our products, our corporate networks and our over 3,500 employees globally.
2. How do you feel the FIC can contribute to promote a European vision of cybersecurity ?
In the last few years, we’ve seen Europe build out a leading role in terms of what sustainable cybersecurity looks like – through the implementation of the NIS Directive, the GDPR and a cyber sanctions regime, all which put stability and a sense of agreement and cooperation first. This vision has been very helpful and has widely influenced approaches in different parts of the world.
Where FIC can step in specifically is helping to bring together the community of European security vendors and implementers to exchange experiences. There is no real other forum where this level of partnering can take place, and FIC is uniquely well suited to create an environment where organizations can lean from others, and share back with the community.
3. What is there at FIC for your peers ? (Benefits of attending FIC for your community)
For CISO’s, the key benefit of FIC is to learn about new strategic directions within the industry. It’s a great place to learn about new initiatives, new problem areas, and how others are addressing them. I usually start off by looking through the program for the top three challenges I’m facing in a given year, and then looking at the background of the speakers. I am particularly focused on talks where the individual presenting is facing similar challenges as I am within my organization.
A secondary benefit is of course networking. FIC is simply the best place in Europe to meet your peers and counterparts, or have a quick meeting with a new vendor you are interested in. With the wide attendance the conference has, there’s lots of opportunity to go “outside your comfort zone” and meet new people and organizations.
4. Why is this year’s theme “collective and collaborative security” such an essential / strategic issue in today’s context ?
Cybersecurity has always been a very collaborative topic. I have worked for several product vendors, and the teams I’ve been with never considered security to be a “competitive advantage” we needed to fight others on. Instead, we believed that if we all worked together to raise the bar across the entire industry, we make the pie larger for everyone. Make cloud services more trustworthy, and there will be greater interest from organizations to store their data in this model.
This year, though, all of this has become much more important. When COVID happened, we needed to exchange information more quickly, to deal with new threats that arose from all of us working from home. In addition, globally we’re seeing countries take much more restrictive stances on foreign technologies, are seeing export restrictions and sanctions make the world a more difficult place for cooperation. To me, this year’s theme reinforces that as a security community, we always need to start from cooperation and collaboration in order to be successful. The adversaries are always sharing – so should we.
Mr Maarten Van Horenbeeck is a board member and former chairman of the Forum of Incident Response and Security Teams (FIRST), the largest association of security teams, counting 300 members in over 70 countries. Chief Information Security Officer at Zendesk, he previously led Security Engineering at Fastly and the Threat Intelligence team at Amazon. He also worked on the security teams at Google and Microsoft. Maarten has a master’s degree in information security from Edith Cowan University and a master’s degree in international relations from the Freie Universitat Berlin.
- Tracing, not Tracking (by Army General (2S) Watin-Augouard, Founder of the FIC) Legal Issues
- The “right to be forgotten”, a relative right (by Army General (2S) Watin-Augouard, Founder of the FIC) Legal Issues
- Why cybersecurity is a human rights issue, and it is time to start treating it like one (by Deborah Brown & Anriette Esterhuysen, Association for progressive communications) Legal Issues
- EncroChat: Deciphering of the End-to-End Encryption Service Used by Criminals Cybercrime
- Preserving Digital Footprints and Cyber Resilience: Training the Swiss Police (by Sébastien JAQUIER, Deputy Head of ILCE) Cybercrime
- Ransomware in Six Questions (by the Ministerial Delegation to the Security Industries and the Fight Against Cyberthreats, French Ministry of the Interior) Cybercrime
Cyber risks management
- The great cybersecurity challenge (by William Lecat, General Secretariat for Investment) Cyber risks management
- RSSI/CISO: The “swiss army knife” of cybersecurity! (by Delphine Chevallier, DG, Thalia NeoMedia) Cyber risks management
- Presentation of the EBIOS Risk Manager method (by the EBIOS Club) Cyber risks management