Romania's National Cybersecurity and Incident Response Team (DNSC), reorganised under this name in 2021, is aiming to become a Cyber Hub, a recognised leader in cybersecurity, Mihai Constantinescu, cybersecurity manager at the Innovation, Research and Development, Services and Intellectual Property Directorate (INOV) with the DNSC, said on Thursday at a specialist event.
"The directorate has set - and in 2021 it was reorganised under this title - to become a Cyber Hub, to attract all fields of activity and to become a world class institution that firmly positions Romania as a recognised leader in cybersecurity," Constantinescu told a conference on cybercrime during the digital transformation of the economy and in times of war, fourth edition", organised by Club Entrepreneur Magazine and Pozitiv newspaper.
Speaking of a "hybrid war on Romania's border," the DNSC official presented the major implications in the field of cybersecurity, both regionally and globally: an increase in state-sponsored cyberattacks; the militarisation of cyberspace; strengthening international cooperation in cybersecurity; disinformation and information warfare; adaptation of cyber infrastructures; the impact on companies and citizens; fast-tracking lawmaking and regulation.
At the same time, the cybersecurity manager also referred to cyberattacks, disclosure of sensitive data, vulnerable critical infrastructures, information manipulation and disinformation, dependence on third-party providers, lack of resources and insufficient training, internal threats (sabotage, internal fraud), the impact of regulations and compliance, as well as the impact of the pandemic and remote work.
In addition, he made some general cybersecurity recommendations, including access protection and authentication: enabling multi-factor authentication (MFA) for all critical accounts, and using complex and unique passwords for each account.
"Ensure regular updates of connected operating systems, applications and medical equipment. Monitor known vulnerabilities and apply patches as soon as they become available," said Constantinescu.
According to him, it is extremely important to prevent phishing and social engineering attacks. "Organise regular training sessions for healthcare and administrative staff and encourage the reporting of suspicious messages (emails, SMS, phone calls)."
Regarding the protection of patient data, it is recommended to encrypt data in transit and at rest and avoid local storage of files with personal information on unprotected devices.
At the same time, the DNSC official recommended automatic and air-gapped backups, as well as regular testing of recovery plans in case of computer security incidents.
He also suggested including cyber hygiene topics in the training of employees.
Among the partners of the event were the Bucharest Chamber of Commerce and Industry (CCIB), the National Association for Information Systems Security (ANSSI) and the Romanian Association of Banks (ARB).
Comentează