Conversations with IAM Cyberheroes - Daniel Deogun
Date: 2024-09-05
Author: Versasec
Summer 2024 is leaving us, but here’s another summer blog! This year, we have invited some friends of Versasec, experts in cybersecurity. They are everyday heroes looking to make the world a safer place; we call them cyberheroes. We look forward to learning from their experiences and diving into cybersecurity efforts from their perspective.
Our next guest is Daniel Deogun. Daniel is a cybersecurity specialist at Omegapoint in Stockholm, Sweden, author of the book Secure by Design and a strong advocate of using craftsmanship as a driver for software security.
What do you enjoy the most about working in cybersecurity?
I really enjoy working in the cybersecurity field, but I must admit it wasn’t always this way. Historically, many businesses treated security and cyberattacks as IT’s problem and therefore it never became top priority. But now as cybercrime and cyberwarfare have become public interest, businesses finally see what cyber threats are – a business continuity problem. This shift in perspective makes it exciting to work with cybersecurity, not only because it justifies secure and resilient solutions, but it also brings great value to the company and our digital society.
What are you most concerned about when you hear news about cyber attacks?
The rapid digitalization of our society has created huge challenges in terms of security – an overwhelming debt that probably never will be paid because it’s too expensive, complex, and time-consuming. This, in turn, implies that cybercriminals will be able to exploit weaknesses as long as we have “old” systems running. This worries me a lot, but what worries me even more is that we keep making the same mistakes over and over again when building new systems. Of course, this could result from ignorance, but I doubt it. Instead, I think we’re facing a shift in consumer expectancy. Previously, we wanted rapid digitalization, but now we’re expecting cybersecure digitalization within the same timeframe and budget. This is a much greater challenge and requires deeper insights and training which not many developers have.
Do you think phishing attacks could ever be eliminated?
As long as there’s an asymmetry between attackers and victims, I don’t think we’ll ever get rid of phishing attacks. I mean, most phishing attacks are cheap to produce, and it only requires a few that fall for it, in order for it to pay off. Adding generative AI and deep fakes on top of this makes the likelihood even less. But as always, we should never give up. Investing more in phishing-resistant solutions like MFA and passkeys will raise the bar and make it more expensive for attackers – and this will hopefully move us towards a world with less phishing in the end.
On a scale of 0 to 10, with 10 being the highest, where do you think enterprises are when it comes to adopting modern MFA?
Although adoption of modern MFA is increasing by the day, I still think we have a long way to go. This is because many see MFA as unnecessary complexity or friction for something that used to work seamlessly. So, my guess is we’re about a 4, but I hope things will improve as more investments are made in user experience.
In your everyday work, do you or your team members feel like superheroes against cybercrime?
As an advocate of Secure by Design, I strongly encourage my team to continuously improve security when writing code. Despite their great work, I don’t think anyone feels like a superhero (since we’re not wearing masks or capes), but I know for sure the team feels great responsibility towards making the digital world a safer place. That makes me really proud.
About our Guest
Daniel Deogun is a cybersecurity specialist at Omegapoint in Stockholm, Sweden. Throughout his career, Daniel has worked in various domains – from patient critical software in life-sustaining systems to large scale enterprise applications in the cloud to high performance software in compute intensive environments. Combining this with his passion for tech has made him a frequent speaker at industry conferences all over the world. Daniel is currently Chief Academy Officer in the executive management team at Omegapoint.
Disclaimer:
Daniel Deogun’s opinions on this blog do not necessarily reflect those of his employer.
vSEC:CMS
Our product suite provides all the software tools to administrate and manage credentials in a secure and convenient way.
Free Product Trial
Versasec provides enabling IT security products centered on the usage of security devices such as smart cards. Our solutions enable customers to securely authenticate, issue and manage user credentials more cost effectively. Get a free product trial.
Job Openings
We are always looking for new exceptional persons to join our team! Find out more about our job openings.