Thursday morning, Feb. 9, I, Koen van Nistelrooij, sat down with Queeny Rajkowski. Queeny Rajkowski has been Member of Parliament for the VVD since 2021 and spokesperson on digital economy and infrastructure, cybersecurity, cybercrime and digital democracy. Before that, she served on the city council in Utrecht for 7 years and worked at a tech company. She recently participated in season 23 of “The Smartest Man,” and in 2022 she was named the “most digitally aware Member of Parliament. She is currently in the running to win another award: IT Politician of the Year. Through her socials she gives a weekly behind-the-scenes look at political work. We talk about cyber security, awareness and its future.
What do you see as the biggest cyber security challenge for this year?
Queeny Rajkowski – Photo by Claudia Rison
“I think a number of things. We see that there is significantly broader support for cyber security compared to a few years ago, but unfortunately, the deed is not always put into action yet. In other words, money is not always allocated for it yet. In addition, we will be increasingly confronted with European directives and regulations from the government. I am concerned about their implementation and how we will shape them together. We must ensure that it does not become a checklist. Cyber security is so much more than just technical measures. You can have it in order technically, but if you don’t include the human side, you’re still empty-handed. I therefore advocate constant attention to behavior and culture.”
On the technical side, we often talk about zero-trust, and we often see that applied to people. How do you see that?
I do want to pick up on that, is man really the weakest link?
“No, definitely not. Insufficient attention to people and cooperation is the weakest link. You have to look at it this way: cybercriminals are just lazy; they want to make a lot of money with little effort. They cast their net digitally and see who hooks in or where they can get in. Awareness programs help ensure that people can recognize this digital net. The crux also lies in cooperation between governments, businesses and IT vendors. Governments and the free market need to share much more information about acute threats, for example.”
If we are already talking about the human aspect vs. the process and technology side, what would be the ideal ratio in which to invest?
“In that respect, the human aspect in cyber security is incredibly important, and there definitely needs to be more investment in that. Actually, the human side is a bit the neglected child. In the Netherlands we have gold in our hands in that area, but we are not exploiting it. Take, for example, the fact that we are one of the most digital populations in the world, but still do disastrously little when it comes to learning digital security in education. An opportunity we are currently missing. We all learn to lock the door when we leave the house, but not yet how to be digitally secure. There is also an important role here for employers. They bear the responsibility to make their staff aware of the threats and keep them up to date.”
What would you like to pass along to every mayor or city clerk on cyber security?
“Let go of that shame. And especially let go of the shame about not knowing something, or not knowing how it works. Let go of the shame if a cybercriminal has accidentally managed to get in anyway. Let it go, because 100% security does not exist. If we can move away from that, we can start sharing a lot more knowledge with each other.”
And what do you think a city clerk should do in the area of culture and behavior change?
“Try to get cyber security to everyone as much as possible. So don’t just discuss this topic with management, but let everyone who works in the municipality be exposed to it in the coming year. People need to talk to each other about it and then you start working on awareness, knowledge, resilience and so on.”
Are there any other things you’d like to pass along, or things you’d like to bring up that we haven’t talked about yet?
“Yes, I think there is still a challenge in shaping digital security in the future and connecting it to the physical world. What is not allowed on the street should also not be allowed online. Existing laws and regulations need to be updated to today’s reality, taking the digital world into consideration. Soon we will all be aware and want to do something about it but there are not enough people or resources to meet the demand for cyber security expertise. Governments and companies, even SMEs that have nothing to do with the digital, need to work together more. Cyber security requires deep expertise on a broad front. In terms of technology and people, collaborate or buy in that expertise, rather than doing everything yourself.”
Closing
We would like to thank Queeny Rajkowski for her valuable insights. As an awareness partner, we find it essential to know what is going on in the market. Throughout the year, we interview security experts to gain this knowledge. Based on 70 interviews with security experts, we wrote our latest trend report – Seriously Fun: Awareness in 2023.
Are you also a security expert and would you like to provide input for the next trend report? Or would you like to have a chat about what we can do for your organization? Then scroll down this page and contact our consultant Max.