Cyber policy issues play an ever-greater role in national security and foreign affairs, and our prosperity and security depend on how well we respond to opportunities and challenges in cyberspace.
The Political Section and the Foreign Commercial Service of the U.S. Embassy in Budapest organized “Strengthening Cybersecurity Capabilities in Hungary,” a workshop to foster dialogue and provide a space where American and Hungarian subject matter experts and industry insiders could share information to support collaboration. The workshop was hosted by the International Law Enforcement Academy (ILEA) in Budapest on October 17, 2022 with the participation of 50 representatives of local companies.
The International Law Enforcement Academy (ILEA) opened in 1995 with the goal to professionally advance the criminal justice community and strengthen democratic governance of participant countries world-wide and increase social, political and economic stability by combating transnational organized crime through international cooperation.
Diplomats from the U.S. Embassy Budapest delivered opening remarks, followed by an FBI special agent’s Threat Landscape 2022 presentation and a Hungarian law enforcement representative’s overview of the Cybercrime Department at the Hungarian National Bureau of Investigation.
As Senior Commercial Officer Neil Pickett highlighted in his opening remarks, safety is a concern on everyone’s minds these days and cybersecurity is an area that can affect every aspect of our lives. Recent events in Ukraine clearly show us that modern warfare is not fought with just guns, missiles, and brute force, it is being fought with drones, artificial intelligence, and secure telecommunications. The safety and security of our supply chains, both tangible and digital, have never been as important as they are today.
Our critical infrastructure, energy supplies, financial information, logistics, healthcare and so much more are dependent on the integrity and security of our networks and data, and we must protect it at all costs. In his speech Mr. Pickett underlined the importance of the strength of the U.S.-Hungarian relationship and the need to continue to strengthen our cooperation on every level.
Political Officer Steve Clarke surprised the audience by delivering his welcome speech in Hungarian. He emphasized that now, more than ever, as Russia continues to take measures that attempt to upend international order and security, the United States and our Allies and partners must work together in the interest of our shared security. Cybersecurity collaboration is at the forefront of that united approach.
Assistant Legal Attaché Paul Vitchock of the Federal Bureau of Investigation at the U.S. Embassy in Prague outlined the major criminal cyber threats of our times with several case studies. Ransomware is a top cyber threat globally: A company is hit by ransomware every 40 seconds.
What is Ransomware?
Ransomware is a type of malicious software, or malware, that prevents you from accessing your computer files, systems, or networks and demands you pay a ransom for their return. Ransomware attacks can cause costly disruptions to operations and the loss of critical information and data.
StopRansomware.gov is the U.S. Government’s official one-stop location for resources to tackle ransomware more effectively.
Business Email Compromise (BEC) scam and crypto theft, other common threats, continue to grow, evolve, and target businesses of all sizes. Special Agent Vitchock highly recommended using the Cybersecurity & Infrastructure Security Agency’s website as a resource to get informed.
Mr. Tamás Nagy, Deputy Head of the Hungarian National Bureau of Investigation’s Cybercrime Department Criminal Intelligence Division, gave an overview of his department’s responsibilities and main tasks. He talked about the role of law enforcement in Hungary when certain criminal acts are committed against IT infrastructure and how they interact with the victim, private companies assisting the victim, and international cooperation. Mr. Nagy confirmed in his presentation that ransomware is the biggest cyberthreat in Hungary as well. He called for closer collaboration not only between agencies, but also the public and private sector, as cybersecurity is the responsibility of everyone in our society.
Mr. Nagy is an alumnus of the National Cyber-Forensic Training Alliance’s Cyber Intelligence 2019 training. He spoke highly of the training as a unique and effective program bringing together professionals from different sectors and encouraging information sharing.
U.S. Cybersecurity Solution Provider Companies
Representatives of four eminent U.S. companies working in the field, BlueVoyant, Cisco Systems, Palo Alto Networks, and Fortinet, shared information on the ways they have helped clients prevent and resolve cybersecurity issues and on what unique cybersecurity solutions they offer.
In his “Managing External Cyber Risks” talk Balázs Csendes, Sales Director at BlueVoyant shared that 98% of the surveyed 1,500 companies said that their supply chain has been affected by cyber incidents. Supply chain cyber risks are a very hot topic, because they can cause major damage or loss in a question of minutes. He mentioned that outsourcing is one of the fastest growing security risks to an organization’s sensitive data and operations, yet few have the in-house resources and expertise to effectively identify and monitor the cyber risks associated with third parties.
Cisco Systems‘ Technical Security Architect Szilárd Csordás highlighted the three types of cybersecurity technologies in his “Zero Trust” talk: preventive services, security capabilities and cyber deception; and he concluded that by combining all three, our networks can become secure.
What is Zero Trust?
Zero Trust is a strategic approach to cybersecurity that secures an organization by eliminating implicit trust and continuously validating every stage of a digital interaction. Rooted in the principle of “never trust, always verify,” Zero Trust is designed to protect modern environments and enable digital transformation.
“Hungary: Zero Trust with Zero Exception” was the title of Palo Alto Networks Regional Sales Manager’s Ádám Zoltán’s presentation. He emphasized, and other presenters agreed, that complexity is a great enemy of cybersecurity professionals. He highlighted that 100% of breaches happen on allowed activity. The Internet of Things (IoT) devices also bring great risk to businesses and humans, as they are one of the weakest links of the network for attackers. In 2021 there were 3 billion attacks on IoT devices that resulted in $8.8 billion loss.
“Prevention is the most efficient” when it comes to cybersecurity, stated Zoltán Kiss, System Engineer at Fortinet. Talking about business continuity and cybersecurity challenges, he raised the serious problem that oftentimes cybersecurity does not support the workflow, although its aim is to protect businesses to allow them to grow. He suggested that companies assess their networks’ vulnerabilities to better prepare for cyber threats.
The conference ended with a Cyber Security and Incident Response Planning panel discussion. Panelists from the FBI, the Hungarian Police, IBM and CMS Law Firm discussed the cyber trends around the world and in Europe, the state of cybersecurity in the region, and what unique cybersecurity solutions U.S. companies can offer.
Thanks to all our presenters, sponsors, and participants.
Data Breach Response: A Guide for Business
Business Email Compromise through Exploitation of Cloud-Based Email Services
Business Email Compromise: The $43 Billion Scam
Cybersecurity & Infrastructure Security Agency
Internet Organized Crime Threat Assessment (IOCTA)
National Cybersecurity Center – Hungary