Interview Yente Gielen – UZ Leuven

In preparations for Cyber Resilience Conference, we spoke with Yente Gielen, Cyber Security Lead, IT at UZ Leuven.

With a bachelor’s degree in Applied Informatics and a healthy interest in the world of Cyber Security Yente began my journey. In the two years at a major consultancy firm, he had the pleasure to experience numerous projects in Identity protection, Incident response and pen testing. After two years Yente decided to make a switch to healthcare, to really make an impact and protect those who are most vulnerable, the patients. After three years at UZ Leuven he now focusses on shaping and managing the cyber security policies and practices in the hospital.

What do you think are the biggest challenges in the field of (cyber) security?

There are multiple challenges in the (cyber) security field. However, even with all of the challenges you still could divide them into three main categories. Namely, the following:

1. Stay ahead of the curve, so what will and could happen
2. Find the needle in the hay stack inside your own organisation
3. Educate yourself and your staff about cyber-attacks

Of course, as a security expert there are countless challenges to keep in mind. Yet, the most important one is to understand the mind of a hacker! In other words, think as a hacker to understand your weakness. Education and understanding systems and people are key to keep your security up to date! Know what the weakest spots are in your network, understand what devices are connected to the internet, questions yourself.

Where do you see things often going wrong in the field of (cyber) security?

Something that often goes wrong is the lack of visibility and lack of awareness. Each organisation works with various systems and with people. Organisations need to understand what kind of systems they work in, what devices do they have, how often is everything update, are people in your organisation aware of each risk etc. It all starts with visibility and creating awareness. Know your systems, know the organisation, know the network, the devices that are used every day, understand how people in the organisation vies the security policies, create awareness, teach the organisation about the risks. Only then one could identify the challenges if you understand that there is a lack of visibility and awareness inside.

You are providing a session at Cyber Resilience Conference on June 1. What are you going to talk about?

Speeddate Roundtable: Handling Sensitive Data @Scale

Everyone understands the importance of cybersecurity but what is the impact of cybersecurity in the hospital sector of Belgium? How far can you go with the security policies? What security policies have an impact on the patient? How do you protect devices as IoT medical devices and audio connectors?  Do you know what kind of data each device is using and the employees?

These kinds of questions will be discussed during Cyber Resilience Conference. As an attendee you will get all the insights in understanding the lack of visibility and what the impact of this is!

And finally, what tip would you like to give a security professional

I think that every security professional needs to brace itself for the next couple of years. Think as a hacker to understand vulnerabilities! With the rise of AI and other technological development it is more than important to educate yourself and the people who you work with about (cyber) security. Try to stay up to date about but do not reinvent the wheel, just think like an attacker!