Interview with Uroš Babić on Cloud Security, AI, and Future Challenges in Cybersecurity

Uroš Babić is a Security Architect at Crayon with over 20 years of cybersecurity experience, specializes in helping customers optimize their cloud security solutions, particularly with Azure and O365. He focuses on threat protection, data security, and implementing comprehensive strategies, utilizing tools like Microsoft Purview and Sentinel. As a recognized Microsoft Security MVP, Uroš actively contributes to the Microsoft Tech community.

Thank you for accepting our invitation to speak at Cybersecurity Summit ~ Cyberfy, and to do this interview.

Can you tell us about Crayon Security Services?

We enable organizations to achieve high resiliency of their single, hybrid, and multi-cloud environments through cloud-native technology solutions and services.

Our client journey is built to provide compelling events for our clients to migrate to cloud-native security solutions, onboard them in an automated way to achieve maximum protection and maintain their resilience through managed services.

With over 100 certified security specialists globally, we are a trusted partner, covering all critical aspects in cybersecurity with modern technology and processes.

Our services are:

Crayon Cloud Security Assessment (CSA)

From assessing client’s security maturity and technical security posture, to providing PoCs and RoI calculations, our discovery services show customers the value of cloud-native security solutions, and a roadmap to modern security architecture.

Security Stack & Baseline adoption

Our IP accelerates cloud-native security solution adoption, in an optimized way, including configurations and policies. We enable fastest time-to-value.

 

Can you tell us about the Security Challenges today?

Security threats are an unavoidable reality in today’s business environment. Whether your company operates in the cloud, on-premises, or in a hybrid model, a comprehensive and adaptive security strategy must be deeply embedded in your organization’s DNA. Ignoring this need is not an option; a proactive, resilient approach to cybersecurity is essential to safeguard your business against evolving threats

Cyber risk demands common ownership throughout an organization. It needs to be embedded in your company culture and sit front and center in all plans for your organization.

Could you share more details about your vendor partnerships and the initiatives you’re driving?

Crayon is Microsoft partner of the year in Serbia and one of the rare partners globally that is a part of Microsoft Cyber Security program.

Data Security – The Data Security Engagement is designed to create customer intent for deploying and adopting Microsoft Purview solutions (showcasing capabilities of Purview features in Teams, Exchange and SharePoint and via Insider Risk Management).

Threat Protection – The Threat Protection Engagement is designed to create customer intent for purchasing and/or deploying advanced Microsoft Security products, including Microsoft Sentinel and Microsoft 365 Defender (showcasing capabilities of MDE, MDO, MDA and Sentinel)

Sentinel – The Microsoft Sentinel Engagement is designed to demonstrate how Microsoft Sentinel helps organizations use intelligent security analytics and threat intelligence to detect and quickly stop active threats and create customer intent for deploying and adopting Microsoft Sentinel.

Cybersecurity – The Cybersecurity Assessment is designed to evaluate a customer’s cybersecurity posture and reduce their risk exposure by using advanced Microsoft Security products: Microsoft Defender Vulnerability Management, Secure Score, Microsoft Purview for Information Protection Content Explorer and Insider Risk.

With your extensive experience in cloud security, threat protection and incident response, what are the exciting projects you are currently working on?

I’m actively involved in several high-impact projects that span both domestic and international domains. Currently, I am leading initiatives that focus on deploying Microsoft Defender XDR, Defender for Cloud, Microsoft Sentinel, and Security Copilot. These projects are essential for advancing our clients’ threat protection and incident response capabilities. Additionally, I am working on implementing Microsoft Purview to address data protection, governance, and regulatory compliance challenges. Our projects at Crayon are designed to leverage the latest technologies to ensure robust security postures for our customers, reflecting our commitment to excellence in cybersecurity.

Particularly with Azure and O365, what are the top three best practices you recommend for organizations transitioning to the cloud?

Transitioning to Azure and Office 365 (O365) is a transformative step for organizations, and at Crayon, we advocate the following best practices:

  1. Comprehensive Migration Planning: Start by identifying what needs to be migrated and anticipate potential challenges. Develop a detailed migration and cloud adoption plan that includes timelines, resource allocation, and risk management.
  2. Adopt a Zero Trust Framework: Implement a Zero Trust approach to ensure that every access request is authenticated, authorized, and encrypted. This is crucial for protecting sensitive data and maintaining compliance throughout your cloud environment.
  3. Ongoing Monitoring and Optimization: Continuously monitor and audit your cloud environment to detect vulnerabilities and ensure adherence to security policies. Utilize Azure Cost Management and Billing tools to manage and control cloud spending effectively. Regularly review and optimize cloud resources to ensure efficiency and cost-effectiveness.

What are the advantages and disadvantages of artificial intelligence in cyber security? What significant changes do you foresee in the field of cybersecurity in the region and globally in the next 3 to 5 years?

Advantages of AI in Cybersecurity:

  1. Enhanced Threat Detection: AI can analyze large volumes of data to detect patterns and anomalies, improving the speed and accuracy of threat detection.
  2. Automated Response: AI enables automated responses to certain types of threats, reducing the time between detection and mitigation.
  3. Behavioral Analysis: AI can monitor user behavior and network traffic to detect unusual activities, identifying insider threats or compromised accounts.
  4. Predictive Capabilities: By leveraging historical data, AI can predict potential threats, allowing for proactive defense measures.

Disadvantages of AI in Cybersecurity:

  1. Sophisticated Attacks: Cybercriminals can use AI to develop more advanced attacks, including malware that evades traditional detection methods.
  2. Bias and Accuracy: AI systems may be biased based on their training data, potentially leading to false positives or negatives.
  3. Cost and Complexity: Implementing AI solutions requires significant investment in technology and expertise, which can be a barrier for some organizations.
  4. Data Quality Dependency: AI’s effectiveness is dependent on the quality of the data it processes. Poor data quality can result in inaccurate threat detection and responses.

Significant Changes in Cybersecurity Over the Next 3 to 5 Years:

  1. AI and Machine Learning Integration: AI and machine learning will become increasingly integral to cybersecurity, enhancing threat detection, incident response, and predictive capabilities.
  2. Focus on Cloud Security: As cloud adoption continues to grow, securing cloud environments will become a primary concern, necessitating the development of advanced protection strategies.

 

What advice would you give to aspiring cybersecurity trainee or security architects looking to build a successful career in cyber security?

For aspiring cybersecurity professionals, continuous learning and staying updated with industry trends are crucial. The cybersecurity landscape is dynamic, and keeping abreast of the latest threats, technologies, and best practices is essential.

Specializing in specific areas like cloud security, network security, or ethical hacking can provide a competitive edge. Actively participating in industry forums, conferences, and workshops will help build a strong professional network. Engaging with cybersecurity organizations and contributing to the community can also facilitate career growth and keep you at the forefront of the field.

Investing in people and education is key! The cybersecurity landscape is ever-changing, so staying updated is crucial. Keep abreast of the latest threats, technologies, and best practices by following industry news, attending webinars, and engaging in professional forums. Specializing in areas like cloud security, network security, pentesting or ethical hacking can set you apart in the job market.

Joining cybersecurity organizations and participating in conferences, workshops, and meetups can help you stay connected and informed.

Cyber Security Summit, Belgrade 2024
Contact us today to be a part of the future of cyber security.

Put your brand and expertise in the spotlight with one of our carefully crafted sponsorship packages. Whether it be a speaking role, a delegate package for your team, logo exposure, or the opportunity to bring your current and potential clients along to the event, we have got you covered with something that will genuinely help you get deals done at our events.

Join us in uniting for a safer tomorrow!

Cyber Security Summit, Belgrade 2024