3. May 2021

Interview with Denisa Lavková

Ms. Denisa Lavková is Sales Executive at Qubit Security, a company that equips the cybersecurity community on local and global perspectives with the professional networking space, offering effective cooperation, sharing the best practices, and valuable discussions. Denisa is a graduate of Matej Bel University in international relations and security studies. Her interest in cybersecurity grew while doing the internship at the Institute of International Relations and the internship at the Center for Security Analysis and Prevention. Today, as a part of the Qubit team, she creates a community of knowledge and information sharing through educational and networking events not only for the industry’s experts and professionals in cybersecurity but for the general public as well.

1. QuBit Academy is offering various bespoke Cyber Security courses. What would you say are the most desired workshops and do you see an increased demand from the logistics and supply chain industry professionals?
Qubit Academy was established to provide education in the field of information and cybersecurity. Industry professionals have various choices – training, seminars, or practical hand-on workshops within basic, intermediate, and expert levels. The main aim of the workshops is to provide its participants the most important information on topics, and great emphasis is placed on practical examples from real life. The number of participants is limited, and workshops are organized in small groups so that everyone could actively participate and communicate with the trainer. The most requested workshops on the expert are incident response workshop, then threat investigation and training focused on creating and running Security Operation Centers. For the intermediate and basic level workshops, the most popular are cybersec basics ensuring secure work in the virtual world. As hot topic workshops, we can also name the Bootcamps focused on GDPR issues. Participants in our workshops come from companies belonging to various industries, including logistics and the supply chain. However, I cannot say the demand from this sector is higher than from the others.
2. Digital transformation and automation of transport and logistics sector is booming. That however means, that it has become an easy target for cybercrime. What are the most common threats that the companies are facing at the moment?
Yes, that´s right. Cyber threats, as well as cybersecurity, are constantly evolving with the booming of digital transformation. Companies nowadays have to face too many activities of cybercriminals, but the most common is social engineering thanks to which criminals use individual sickness for achieving their goals. They try to spread malicious software, malware through emails to attack computers and drop systems, and thanks ransomware attacks try to gain money. In general, it is easier to exploit a human being’s vulnerability than try to break into the system only in a technical way. 
3. There is a significant vulnerability in the supply chain due to third parties being involved. What would you recommend the companies should do in order to increase the awareness of their employees about the potential cyber-attacks?
Each software is created by humans. And humans make mistakes. The system is much vulnerable as many companies, entities and people involved. And that´s why my answer is education, of course. It is not because I am working in this field, but because, from my perspective, it is essential for companies to have employees and staff educated at least at a basic level. So, everyone who works with a PC, with data and information of the company, should know what their theft, disclosure, and further misuse will cause. The advantage is that nowadays there are several ways to raise employees’ awareness of cybersecurity, whether through training courses, e-learning, funny videos, awareness campaigns spreading the main principles of cybersecurity. The topic, form of educational and awareness-raising activities must attract people´s attention. This will be undoubtedly successful if you show people real examples of what can happen and how it can affect them. And not only at work, but also in their private lives. There are many possibilities on the market, but the key is to realize the need and following the main principles in our everyday life.
4. What security weaknesses of the enterprise can be uncovered via implementation of “phishing test”? 
Phishing tests are a great way to evaluate the status of the organization’s security, the resilience and help identify its vulnerabilities. Such tests, done professionally, may indicate security vulnerabilities in user accounts, deficiencies in internal communication, and security incident response. What these tests reveal most is a lack of employee’s education, which means employees are not sufficiently aware of the threats and risks that for example, phishing email can cause. As it said, the cybersecurity chain is only as strong as its weakest link. In general, such types of tests show the weakest link of the company is always the human being.

5. How would you describe the current state of Cyber Security in Slovakia? 
In Slovakia, cybersecurity is a topic that is currently often discussed in many debates, and media as well. This issue has never been more important than it is now, at the time of significant digital transformation and the current pandemic crisis. The pandemic situation forced this fait accompli upon us and completely drew us into the online space. Many individuals and companies were not ready for that. Managing the transfer of employees to the home office proved to be a great challenge. A major problem is also, for example, the lack of experts and the generally low awareness of cybersecurity among the public. The current situation is a big test for each citizen, and we found out that Slovakia must do more in building resilience and ensuring better information and cybersecurity. Even if there is no 100% security, we should at least try to work on it and get to it as close as possible.

Qubit Security, s.r.o. equipts the cyber security community on local and global perspectives with the professional networking space, offering effective cooperation, sharing the best practices and valuable discussions. Their mission is to create a community of knowledge and information sharing for the industry’s experts and professionals through networking & education events.