Two weeks before DefCamp – the largest cybersecurity conference in Central and Eastern Europe, The Recursive had the opportunity to interview three of the experts shaping this year’s program: Andrei Avădănei, DefCamp’s founder, and two of the speakers: Konrad Jędrzejczyk, a threat intelligence specialist; and Marek Zmysłowski, a cyber security strategist.
The conference, happening on the 28-29 of November in Bucharest, Romania, will gather cybersecurity experts, innovators, and enthusiasts from across Central and Eastern Europe who are ready to tackle some of the most urgent and complex challenges facing the digital landscape.
Reflecting on the evolution of cybersecurity, Andrei notes that DefCamp’s discussions have moved toward proactive defense strategies that address advanced threats like nation-state attacks and ransomware.
Where conversations once revolved around basics like firewalls and antivirus, today’s discussions at the largest conference in the region include world-leading professionals sharing knowledge on strategies like zero-trust architectures, IoT security, and ethical frameworks for AI applications:
“I strongly believe that everything that happened in each edition of DefCamp shaped us as humans, professionals and helped us create such an amazing community driven by the thirst of knowledge” he shares.
Ahead of this year’s DefCamp at the end of November, our team got a behind-the-scenes preview of the essential cybersecurity themes keynote speakers will delve into. So let’s dive in to learn more about the conversations defining the future of digital security.
The evolution of cyber threats and AI’s role in new attacks
AI isn’t only making technological attacks more efficient, but also provides grounds for a completely new wave of social engineering techniques.
Konrad, with his experience in threat hunting, highlights how AI-driven social engineering scams exploit human psychology in unprecedented ways, accessing company profiles through personal communication channels – like Teams and WhatsApp.
“I have been involved in incidents where attackers used AI language models to gather information about internal contacts in a company through platforms like Teams and WhatsApp. By removing language barriers, AI helps attackers create convincing messages tailored to their targets, making phishing attempts more effective.”
Earlier this year, the software company TeamViewer also reported that corporate information has been compromised using their screen sharing system meant for virtual collaboration.
While AI hasn’t yet fully replaced traditional attack methods, it has become a powerful tool that makes attackers more efficient and their strategies more advanced.
Adapting to AI-driven threats: Strategies for large corporations and startups
Both large corporations and startups are recognizing the urgency of addressing AI-powered threats, but the strategies they adopt reflect their unique strengths and limitations.
Marek Zmysłowski, who has worked with both types of organizations, describes a clear divide in approaches to building cyber resilience.
“Large corporations and startups are both recognizing the imperative to adapt to AI-driven cyber threats, but their methods reflect their distinct circumstances. Large corporations leverage their extensive resources to build sophisticated, multi-layered defense systems and invest in specialized talent. In contrast, startups prioritize agility, leveraging scalable cloud-based solutions, and fostering a culture of security awareness to compensate for limited resources.”
According to Marek, AI-powered defensive tools, collaboration with industry partners, and continuous adaptation are key strategies for businesses of all sizes.
During this year’s conference, professionals will get the chance to hear both ends of the spectrum, equipping small startups and large corporations alike with targeted insights on how to respond to increasingly sophisticated cyber threats without compromising their operational agility.
The impact of regulations on AI development in cybersecurity
The EU’s Digital Markets Act (DMA) and GDPR represent a formidable regulatory stance, aimed at fostering competition and securing user data.
Yet, according to cybersecurity strategist Marek Zmysłowski, this ambitious regulatory vision may unintentionally curtail the growth it seeks to protect.
Marek, who has witnessed the contrasting regulatory climates across multiple regions, reflects on Europe’s unique dilemma: can a stringent regulatory framework co-exist with the flexibility required for technological innovation?
“The DMA and GDPR aim to promote competition and protect user data, but they might unintentionally make things harder, especially for small companies,” Marek observes. “If big platforms can’t use their advantages to promote new products, they might not invest as much in improvements… Europe’s current approach might turn it into a kind of museum during the next technological revolution, instead of being a leader in innovation.”
Europe’s regulatory ambitions carry a dual potential, shaping a paradigm where AI development could either be created within strong ethical boundaries or stifled under the weight of precautionary limitations.
Marek’s perspective speaks to a deeper challenge for policymakers: balancing the continent’s commitment to data sovereignty and privacy with the risk of falling behind on the global stage. His insights suggest that as Europe tightens its grip on data use and monopolistic practices, it may simultaneously hinder the competitive edge required for AI innovation.
Can innovation flourish within a highly regulated environment? Or does true progress necessitate a certain degree of creative freedom?
Building a community for cybersecurity in CEE and beyond
What began in 2011 as a gathering of cybersecurity enthusiasts in Romania has since blossomed into the largest cybersecurity conference in Central and Eastern Europe, attracting experts, researchers, and professionals from around the world.
“It’s Christmas for hackers”, Andrei reflects with a smile, capturing the shared excitement and passion that continues to bring people together year after year. “Even if so many years have passed, the thing that still remains is the passion for cybersecurity; this is what brings everyone together and has helped DefCamp become the largest cybersecurity conference from CEE.”
With just days left until the largest cybersecurity conference in Central and Eastern Europe, there’s still time to secure your spot at DefCamp 2024.
Learn how on the DefCamp official website.
