Subscribe

Security on the Spot Series: GTSP

Staff Writer
By Staff Writer, ITWeb
Johannesburg, 24 Apr 2013

Jacques van Heerden, CEO of Global Technology Security Provider (GTSP), discusses information security ahead of the ITWeb Security Summit 2013.

What do you see as the single biggest information security risk this year?

Mobile devices, mobile phones, SQL injection.

What is the one key risk mitigation step enterprises need to take this year?

Data leakage prevention (DLP).

What, in your view, was the biggest security breach of the past year?

Web site hacking.

What is the biggest information security weak spot in the enterprise?

Staff, social engineering, TRAINING!

In a nutshell, how has cyber crime changed in the past year?

Cyber criminals are becoming increasingly more sophisticated with their malware and phishing attacks.

What are cyber criminals targeting now, and what will they target in future?

Currently, they are targeting your money; in the future, they will still steal your money. I also foresee that these criminals will be installing more sophisticated botnets on mobile devices, because (by default) there is no firewall or anti-virus on your mobile phone. These criminals will be renting out these botnets to other criminals.

Visit GTSP at this year's IT Security Summit. The 8th annual ITWeb Security Summit will be held from 7 to 9 May 2013 at the Sandton Convention Centre. The gathering creates an opportunity for senior security professionals and business decision-makers to learn about new strategies and tactics, and hear insight and comment from leading international and local subject-matter experts. For further information, click here.

Jacques van Heerden biography

It is my intention to bring together the various skills I have mastered over the last 20 years in the IT security Industry.

I find it interesting that so many corporate companies do not have an IT security budget and they also do not believe that IT security is a real threat for their organisation. The biggest reason for not having a security budget is that there is no return on the investment and the money that is being spent on security. And this is so true.

You don't get any money back if you buy a good anti-virus program, nor does this same anti-virus program make your work look better. BUT...this anti-virus program will prevent your personal computer from being infected with a malicious virus.

IT security is a mindset. It is like playing chess. You constantly need to know what your enemy knows and what their next possible move could be.

This is what I teach in my hacking classes. Think like a hacker to catch a hacker. Ok, so we don't want to catch the hackers, but just prevent them from gaining access to our personal and confidential information.

Therefore, if you attend any of our five-day in-class training, I will show you some of the tools hackers use. I will show you how to use these tools and products to gain access into operating systems. The next line must be clearly understood:

"These tools show you what can be done; these tools may not be used in a malicious way in your organisation. They are very dangerous. You must at all times abide to a code of ethics rule."

In my training classes, I teach you the mindset; once you know all the tools and how to use them, you will need to know what tool is the best for the job. I also focus on several products that are out there.

Throughout my career, I have learnt that IT security cannot be governed by policies and procedures. Hackers don't follow these rules. You need to think differently if you want to protect your organisation.

Therefore, when you attend any of my classes, you will learn how to protect your data and organisation. You will also be able to write the exam on the last day of the course, or if you do not feel ready, you can schedule to write it at another date. Your certification will also be internationally recognised once you pass the exam.

I really take pride in my work and the resent EC Council Award shows my commitment to providing the best IT security support and training to students and organisations.

Share