In Conversation with André Kudelski
Kudelski Group is a global leader in digital security and convergent media. We sat down with the CEO, André Kudelski, to talk about the opportunities and threats of today’s technologies and the role digital security plays in this field.
Kudelski Group’s technologies are used in a wide range of services and applications. What are your main activities?
André Kudelski: The Kudelski Group is active in four different fields: Digital Television which provides secure digital TV solutions, the Cyber Security division that provides tailored cybersecurity solutions to enterprises and the public sector, our Internet of Things Security Center of Excellence Internet of Things that helps companies across all industries to protect their devices, their data and their business models, and lastly the Public Access division that designs integrated solutions to provide people and vehicles access to sites and installations such as parking garages or arenas.
What challenges is the cyber world facing?
AK: First, one of the issues we see in the cyber world is that most of the systems have not actually been designed to be resilient to digital threats (not secure by design). The second problem that occurs is that most of hacking attacks can now create real damage and greatly impact our lives. To illustrate: if you hack data, it is unpleasant but there are no immediate consequences for your personal safety; if your car is hacked it can be driven over the edge of a cliff…
Which industries are most exposed to cyber-attacks and why?
AK:Finance is a typical industry that is quite attractive hackers because of the high value of its secrets — transaction data, for example. Nowadays there is also a wide spectrum of strategic data and information regarding defense secrets that are highly vulnerable to cyber-attacks; regarding new weapons, for example.
How can a private company contribute to digital security?
AK: A private company is limited to operate within the frameworks defined by the law. The problem is that a cyber-attack might be coming from a country that is not subject to the same law as the target country or are done by groups that do not care about what is legal or not. That’s why I believe that, in order to effectively address cybersecurity risks, true collaboration between the private and public sectors is required.
Do you believe that Artificial Intelligence (AI) can contribute to digital security?
AK:In cyber, there are various grades of attacks: from easily preventable, to highly complex ones. AI can deal with a breach in a very smart way, but there are two sides to the coin. One the one side, AI can be used to defend against cyber-attacks. But on the other, AI can also be used by hackers to carry out a targeted and personalized hack in a way we have never seen before. So, in a way, we now see a race between the AI of the attackers and of the defense. Artificial Intelligence can thus be regarded as an opportunity and a threat at the same time. But it’s like that with all emerging technologies: digitalization, big data, blockchain technology or cryptography… The same type of technology can be used for good and bad and it’s a race between the two.
What will cyber-attacks look like in the future and how can they be avoided or tackled?
AK: Cyber-attacks are successful when they are invisible. Today, if you take the U.S. for example, the average time it takes to discover an attack is 80 days, and that is quite worrying. But this is much better than in Europe where it is 150 days. The most dangerous attacks are the ones you don’t ever see. So fundamentally it’s like with a gas leak. If you smell gas, you know it’s there. But if you can’t smell it and don’t know a threat exists, it makes the leak even more dangerous. We have to improve our resilience against these threats by developing new architectures that are secure by design from the beginning.
