
Four Years in Europe: Lessons in Cybersecurity

By Oliver Tavakoli
November 1, 2018

A recent week-long trip to Europe provided an interesting perspective on how much the state of cybersecurity sentiment in European companies has changed.

As part of my job, I have been regularly visiting European customers and prospects since the spring of 2014. On those trips, I’ve had meetings with individuals who hold a range of titles – hands-on-keyboard security analysts, security operations center (SOC) managers, heads of information security and Chief Information Security Officers (CISOs).

Our early forays into the European market began in Germany and targeted enterprises with 5,000 to 10,000 employees – in other words, not the largest enterprises with 50,000 or more employees. In the Germany of 2014, most of the companies I encountered had a relatively immature security practice that consisted of an array of preventive technologies.

Next-gen firewalls were all the rage, and there was a strongly-held belief that preventing the majority of bad things was desirable (agreed!) and that what would get through would not do material harm (wrong!). Most didn’t have a SIEM, hardly any had a SOC (internal or otherwise) and the idea of employing analysts whose job it was to look at warnings issued by their security products was completely foreign to most of them.

Four years have made a huge difference in the perspectives and mission of German mid-size enterprise security teams. The General Data Protection Regulation (GDPR) that went into effect in May of 2018 certainly has contributed to the change.

While Germany famously has strong workers’ councils (Betriebsräte), their mission has been to protect the rights of employees, and in discussions with security teams an employee’s right to privacy would definitely be considered in scope.

GDPR is all about protecting the right to privacy of non-employees, especially the data of consumers and individuals in firms that your company does business with. Given that GDPR had a two-year advance notice period and given the potential fines that can be levied as a result of non-compliance with GDPR, many companies have stepped up their game in the intervening period.

The spate of ransomware attacks in 2017 that included worm-like spreading capabilities (WannaCry, Petya, NotPetya) was well-publicized in Europe and also seems to have been a wake-up call. The British National Health Service (NHS) was nearly crippled for several days by WannaCry. The NHS subsequently performed a post-mortem and published a report that included a summary of changes and recommendations for preparedness and response. Maersk was severely affected by a NotPetya outbreak that reportedly affected their bottom line to the tune of “USD $200-$300 million.”

The combination of the looming GDPR date and the very real examples of the potential cost of a cyberattack seems to have gotten a lot of companies with immature security practices off the fence. While the desire to up their security capabilities is real, the struggle now seems to involve how to understand their existing capabilities, how to choose a realistic target and how to navigate the path between these two points.

These organizations often have a reasonable asset inventory to start with, but it is often in little more than spreadsheet form. They have pretty good processes for handling arriving and departing employees, but don’t really have a handle on service accounts.

Many companies that had no SOC are now embarking on getting one set up – and struggling with whether they can hire the talent necessary to run an in-house SOC or whether they should find a trusted partner to run it for them.

What is abundantly clear is that the sudden rise in demand for talent against a backdrop of relatively flat supply has created a hiring bottleneck in the path to establish a stronger security posture. When organizations conclude that they cannot hire and retain the necessary talent to run a SOC themselves, their talent gap simply becomes the partner’s problem. The managed security service providers (MSSPs) inherit the struggle to hire and retain talent as well.

So, how do we navigate this talent gap? There are two necessary approaches:

 

  1. Creatively think about how to expand the talent pool.

One of the most innovative ideas I have seen in the United States is occurring at the statewide Texas A&M University System. The team that runs information security has staffed its SOC with student interns.

Combining study in information security with real hands-on work in a SOC means graduates of the program already have real-world SOC experience when they graduate. And students can “try out” a cybersecurity career without having to commit to it. This allows students who might not otherwise think of a cybersecurity career to give it a try. And it turns out many students who didn’t think they would like such a career actually do.

 

  2. Make use of technologies that are a force multiplier.

Newer security products that utilize machine learning (ML) can allow your security team to punch above its weight class. While every security vendor now claims to use some ML and aspires to artificial intelligence (AI), products by several ML-originated companies have been on the market for several years and have proven their worth. In some ways, if you’re way behind where you need to be, you have to take more aggressive (and sometimes uncomfortable) steps to catch up.

 

Overall, I am heartened by the changes of the last four years. While the quantity and sophistication of attacks have increased, everyone finally seems determined to put up a fight.

 

This blog originally ran in Today’s Cybersecurity Leader, a monthly cybersecurity-focused eNewsletter for security end users, brought to you by Security magazine.

KEYWORDS: data security employee safety GDPR international security security automation security talent gap


Oliver Tavakoli is chief technology officer at Vectra. Oliver is a technologist who has alternated between working for large and small companies throughout his 25-year career – he is clearly doing the latter right now. Prior to joining Vectra, Oliver spent more than seven years at Juniper as chief technical officer for the security business. Oliver joined Juniper as a result of its acquisition of Funk Software, where he was CTO and better known as developer #1 for Steel-Belted Radius – you can ask him what product name came in second in the naming contest. Prior to joining Funk Software, Oliver co-founded Trilogy Inc. and prior to that, he did stints at Novell, Fluent Machines and IBM. Oliver received an MS in mathematics and a BA in mathematics and computer science from the University of Tennessee.
