Interviews | November 16, 2023

Human Element Needs to be a Critical Component of Cybersecurity Strategy

AppDome | The Spanish National Cybersecurity Institute (INCIBE) | KnowBe4

Tom Tovar
Co-creator and CEO


Q1. What are some of the capabilities of Appdome’s recently released mobile attack evaluation tools? What security and business issues do the tools help organizations address?

Digital brands and enterprises are blind to mobile attacks and threats. There's a ton of options to monitor and inspect attacks and threats in web and cloud environments. But, until Appdome, none to monitor and inspect threats from mobile. Appdome's Threat-Inspect is a set of new threat inspection, evaluation reporting tools build inside ThreatScope, the Extended Detection and Response (XDR) platform built specifically for mobile. With Threat-Inspect, mobile brands can easily pivot between all, unique, defended, and specific attacks, and for each attack, zero in on impacted devices, bot attacks and more. They can also create customizable views to drill down, share and report on defenses, attacks and impacted devices in the production environment. Threat-Inspect goes beyond defense monitoring and puts deep threat inspection in the hands of our users.

Q2. What is Appdome’s Dev2Cyber Agility Program about? What’s driving the need for such initiatives?

Appdome's Dev2Cyber initiative is all about operationalizing "shift-left" methodology and fully integrating Appdome's platform for Mobile App Defense into the DevOps CI/CD lifecycle and tech stack - including build, test, and release platforms. The goal of this initiative is to make cyber easy on engineering teams to increase compliance and decrease friction in securing mobile applications.

Q3. What are Appdome’s plans at Black hat Europe 2023? What can customers and others expect to see and hear from your company at the event?

We're proud to support the Black Hat Europe community. Our goal at the show is simple - demonstrate how easy it can be to build, test, release and monitor mobile app defense in a continuous lifecycle for all mobile apps.

Victoria Valbuena
Head of Internationalization

The Spanish National Cybersecurity Institute (INCIBE)

Q1. How would you say INCIBE’s mission and role has evolved over the years? What are some of your current key focus areas?

The Spanish National Cybersecurity Institute (INCIBE), which falls under the Ministry of Economic Affairs and Digital Transformation and is accountable to the Secretary of State for Digitalization and Artificial Intelligence has significantly evolved in its mandate and responsibilities. Initially assigned to promote and develop cybersecurity in the country, over time it has expanded and adapted its scope to tackle developing digital threats. The organization has transitioned from being a proponent of cybersecurity to assuming a more fundamental function in safeguarding against cyber threats. Currently, INCIBE is proactively enhancing the competencies and understanding of individuals and establishments via tailor-made coaching sessions, informative initiatives, and educational programs. Research and development additionally play a significant role, as it is dedicated to promoting innovation in the field of cybersecurity, fostering exploration into new security technologies, and engaging in initiatives that tackle emerging obstacles in the digital sphere.

Additionally, INCIBE provides aid to businesses by offering expert services, including consultation, security audits, and establishment of reference structures to safeguard infrastructures. In short, INCIBE has continuously adapted to the ever-changing demands of the digital landscape and established itself as a key participant in advancing cybersecurity both in Spain and abroad.

Q2. Why are broad EU initiatives like the European Cybersecurity Challenge Competition of which INCIBE is a part, important? How successful has the competition been in alleviating the shortage of cybersecurity professionals in Spain and across Europe, in general?

Initiatives like the European Cyber Security Challenge (ECSC), in which INCIBE is involved, are crucial. The competition seeks to recognize and nurture potential in the realm of cybersecurity, with the intention of tackling the rising scarcity of experts within this industry. It additionally promotes collaboration and connections among participants, businesses, and delegates from multiple countries, reinforcing relationships and establishing a network of cybersecurity experts. For instance, in this 2023 event, 30 European countries have taken part.

The competition also plays a crucial role in raising public awareness concerning the significance of cybersecurity in an increasingly technology-oriented world. It also emphasizes the necessity of increasing the representation of females in cybersecurity roles, tackling the gender disparity in this field. INCIBE takes an active role in choosing and preparing Spain’s team for the contest. This tangible initiative, combined with the dedication to recognize and allure skilled individuals, to use cybersecurity for society, and to involve a broader audience for increased awareness, constitutes a proactive solution to the cybersecurity skills deficiency.

The competition is endorsed by the European Commission and, in a wider context, comes under the umbrella of the EU Cybersecurity Strategy and the NIS Directive. These, along with the European Agenda on Security, offer the overarching strategic framework for EU efforts on cybersecurity and cybercrime. In this context, recognizing cybersecurity expertise is crucial for enhancing cybersecurity competencies. Therefore, these competitions aim to encourage, identify, train, and promote the finest young talents in every country.

Q3. What are INCIBE’s goals in participating at Black Hat Europe 2023? What are you hoping attendees will be able to take away from INCIBE’s participation at the event?

In 2023, INCIBE has considerably expanded its presence at global events and conferences, aiming to attain greater exposure for our cybersecurity initiatives in Spain. For us, participating in a crucial event like Black Hat Europe serves three main purposes.

The primary aim is to increase awareness of the cybersecurity landscape’s potential and excellence in Spain. The public-private collaboration programs promoted by INCIBE to encourage digital entrepreneurship, the national investment ecosystem, and the new legal and fiscal framework introduced by the recent Entrepreneurs Law make Spain an ideal hub for UK companies to expand into the LATAM market, as well as the Middle East and Africa.

Another reason to participate in this year’s Black Hat event is to gain firsthand knowledge of the emerging global trends and innovative areas of cybersecurity associated with new technologies like artificial intelligence, 5G networks, and quantum computing. This will enable us to develop new programs and partnerships with other stakeholders in the global ecosystem to address emerging cybersecurity challenges and threats in the coming years.

And last, but not least, our aim is to strengthen relationships and meet new potential partners, both public and private, for future international collaboration. Cybersecurity threats are global. Such cooperation between countries will become increasingly necessary to ensure the safe use of networks. We want everyone who visits our booth at Black Hat Europe 2023 to see that Spain is a great partner for cybersecurity projects and that INCIBE is the country’s key player in bringing together and promoting the national cybersecurity sector in terms of entrepreneurship and business growth, talent, and R&D programs.

Joanna Huisman
Senior Vice President Strategic Insights & Research


Q1. What role can corporate leaders play in enabling a better cybersecurity culture at their organizations? How can they get stakeholders across the organization to focus on the human aspects of security?

The human element is the most critical part of an organization’s security infrastructure. All employees should understand what their role and responsibility is to protect the organization and themselves from a cyberattack. Security culture, as defined by KnowBe4, is the ideas, customs and social behaviors of an organization that influence their security. Executives need to ensure they are role modeling and fostering an environment that is security ready by investing in both the focus of their security awareness training program and the readiness level of their users. Promoting a comprehensive and continuous program that includes a variety or style/content, testing and engaging communication is a leading best practice as seen through our annual Phishing by Industry Benchmark Report.

Additionally, if you expect your organization to do the right thing, you must lead them accordingly. Executives should be active participants in all aspects of driving security awareness throughout their organizations, which includes participating in the same security awareness training requirements that the rest of their employees are expected to complete. Security leaders who ignore the problem, do the bare minimum, focus only on technology or still rely on old-school training methods leave their organizations vulnerable to a potential attack. Additionally, confusing required compliance training as security awareness training leaves major gaps in employee knowledge and ability. These two areas of focus should be combined to create a holistic and comprehensive learning program that covers all areas that could negatively expose an organization.

Executives should be intentional and consistent in how they use positive and negative reinforcement to encourage employees to complete required training, adhere to security policies and demonstrate ongoing, favorable, secure behavior. Using motivators increases accountability and the employees’ overall role in driving a more secure culture.

Q2. Looking at 2024 and beyond, how should organizations be preparing for AI-enabled social engineering attacks and other threats? What should they be doing now to mitigate AI-related threats?

Increasing percentages of phishing emails are making it past secure email gateways and into users’ inboxes. According to ArmorBlox, 56% of email-based attacks bypassed legacy security filters in 2022, and 18.8% of phishing emails bypassed Microsoft Exchange Online Protection and Defender to make it to a user’s inbox, according to a report by the Check Point Email Research Team. Lastly, threat actors are increasingly using image-based textual messages to evade text-based security filters. Outdated phishing email analysis and mitigation strategies provide minimal anti-phishing protection to your organization.

AI-powered phishing mitigation and crowdsourced threat intelligence are now critical capabilities for an organization’s email security defenses. They act as a force multiplier for security teams by providing scalability, accuracy and real-time response via some key capabilities:

  • ML- and AI-powered analysis and prioritization of emails to eliminate the guesswork of identifying high-risk phishing threats from all the user-reported messages.
  • Crowdsourced threat intelligence and AI-powered blocklisting to automatically quarantine and remove phishing threats from your users’ inboxes based on real-world phishing threats that millions of other end-users have already reported.
  • The ability to automatically group or cluster messages based on patterns to allow incident response teams to identify a widespread phishing attack. Messages should be dynamically grouped by commonalities based on rules, tags and actions.

Q3. What does KnowBe4 plan on highlighting at Black Hat Europe 2023? What can attendees expect to learn about KnowBe4’s latest capabilities and offerings at the event?

We are really excited about the session that Javvad Malik and Erich Kron are leading on December 6th at 10:15 in Business Hall Theatre A. The session is titled "Lies, Deception and Manipulation: Let's talk about Deepfakes," and (as the title implies), it delves into the world of digital image and video manipulation. Javvad and Erich will explore how advancements in technology have made it challenging to distinguish real from fake, particularly in the context of social engineering attacks like email phishing and text smishing.

They'll discuss the implications of AI and machine learning in creating highly realistic fake videos and audio recordings, and how these can have severe impacts on individuals' careers, families, and even political landscapes. The session aims to shed light on the technology driving these fakes, potential malicious uses, and the efforts being made to counteract this alarming trend. Join Javvad and Erich to learn more about protecting yourself in this digital age, where distinguishing truth from fiction is becoming increasingly complex.

Sustaining Partners