.png)
Belgium 3-7-25 Invitation Only Physical english
Digital Sovereignty - Securing Corporate Autonomy in a Fragmented World In an era marked by geopolitical instability and escalating digital dependencies, corporate leaders face a critical imperative: reclaiming control over their digital ecosystems. This exclusive CIONET executive dinner offers a platform for CIOs, CTOs, and digital leaders to delve into strategies for achieving digital sovereignty. Key discussion points include: Redefining Digital Sovereignty for Enterprises: Exploring how digital sovereignty extends beyond national borders to encompass corporate control over digital assets, infrastructure, and data. Infrastructure Independence: On-Premises vs. Cloud: Evaluating the trade-offs between on-premises infrastructure and cloud services in the context of control, scalability, and sovereignty. Sovereign AI: Building Autonomous Intelligence: Discussing strategies for developing AI capabilities that align with corporate values and operate independently of external platforms. Vendor Lock-In and Technological Autonomy: Identifying risks of dependency on specific vendors and exploring approaches to achieve technological independence. Investing in Sovereign Digital Capabilities: Strategising investments in infrastructure, talent, and processes to build and sustain digital sovereignty. Join us for an evening of insightful discussions, shared experiences, and actionable strategies to navigate the complexities of digital sovereignty. Secure your organisation's future by understanding and implementing the pillars of digital autonomy.
Read More-2.png)
Belgium 28-8-25 Country Members Physical english
A special celebration marking 20 years of CIONET—two decades of empowering digital leaders and driving innovation in the technology landscape. This exclusive event will bring together our members to reflect on the incredible journey we've shared and look ahead to the future of digital leadership.Featuring keynote presentations from visionary CIOs, industry pioneers, and founding members, we’ll explore how far we’ve come and what lies ahead in the ever-evolving world of technology. Together, we will honour the contributions of our members who have shaped CIONET’s legacy while offering insights into how the community will continue to lead in the years to come.This is more than a celebration—it’s an opportunity to reconnect, reflect, and recharge with your fellow digital leaders. Don't miss this exclusive experience packed with inspiring talks, networking opportunities, and special recognitions that highlight the best of CIONET’s history and future.Let’s celebrate the past, present, and future of the digital community you helped build.
Read More
Belgium 2-9-25 All TRIBERS Virtual english
You’ve been asked a simple question: “What does it cost to host this application?” But the answer is anything but simple. The platform sits across multiple data centres. The app spans a few VMs, shares a backup system, uses licensed monitoring, and touches five different teams. Your CMDB should help, but it’s rigid, outdated, or incomplete. And yet, you still need to provide a number, clear, explainable, and grounded in reality.
Read More
July 3, 2025 Squad Session Invitation Only Virtual polish
Zapraszamy na praktyczną dyskusję o wadach i zaletach różnych modeli utrzymania Security Operations Center. Dawid Wachowiak (TDJ) podzieli się doświadczeniami z wdrożenia i funkcjonowania modelu outsourcingowego. Porozmawiamy o tym, co wpływa na skuteczność SOC-a – od decyzji strategicznej po reakcję na incydent – i jak dopasować model operacyjny do potrzeb organizacji.
Read More
July 14, 2025 Squad Session Invitation Only Virtual polish
Ministerstwo Finansów zapowiedziało wdrożenie platformy KSeF na 2026 rok. Przygotowanie firm i ich systemów wymaga wiedzy o zakresie KSeF i elementach integracji na poziomie IT. Zapraszamy na kontynuację spotkania z udziałem przedstawicieli Centrum Informatyki Resortu Finansów (CIRF) i Ministerstwa Finansów.
Read More
July 16, 2025 Squad Session Physical polish
Tribes Leadership Circle to cykliczne, wysokopoziomowe spotkania wyłącznie dla dyrektorów obszarowych, posiadających dostęp w ramach wykupionego członkostwa.
Read More
Published on: June 25, 2025 @ 9:14 AM
How can CIOs ensure that their critical systems never go dark, even amid failures, updates, or entire cloud region outages? For Haytham Elkhoja, Principal Architect and Principal SRE at Kyndryl, the answer lies well beyond lift-and-shift strategies or generic cloud SLAs. In this CIONET Trailblazer interview, Haytham shares insights from his report “Cloud Adoption for Mission-Critical Workloads – Principles for Always On Applications,” offering a new blueprint for CIOs navigating the high-stakes transition of core systems to the cloud.
Published on: May 28, 2025 @ 9:38 AM
As AI moves from novelty to necessity, consumers expect hyper-personalised, pre-emptive experiences. In this CIONET Trailblazer interview, we sit down with Sean Heshmat, EMEA and APJ Head of Data & AI at Cognizant, to unpack findings from the New Minds, New Markets report on AI-powered consumers, the Agentic Internet, and strategies for embedding AI at the heart of the customer journey.
Published on: May 06, 2025 @ 10:25 AM
Transform individual gains into enterprise wins with generative AI.
Tuesday, May 13, 2025, 10:30 AM - 1:30 PM (Central European Time)
Microsoft Belux, Passport Building Luchthaven,
Brussel Nationaal 1K, 1930 Zaventem
Published on: April 30, 2025 @ 9:04 AM
How can enterprises transform scattered knowledge into strategic intelligence? As data volumes explode and information silos multiply, digital leaders face a growing challenge: making enterprise knowledge accessible, reliable, and actionable. Deloitte’s answer? RAG as a Service is a cutting-edge approach to AI-powered knowledge management built on Retrieval Augmented Generation.
Published on: April 03, 2025 @ 10:17 AM
Retour sur Les Rencontres CIONET du 1er avril – Quand les attentes envers le CIO redessinent les contours du leadership digital
Le 1er avril à Liège, dans l’élégance feutrée de l’Hôtel Selys, CIONET Belgium a lancé en beauté la saison 2025 de son programme Les Rencontres – un cycle d’échanges intimistes, 100 % francophones, qui réunit les leaders du numérique pour discuter, débattre et déconstruire les évidences.
Published on: March 26, 2025 @ 9:59 AM
AI and data have become essential tools for businesses, but how do you ensure they create real, lasting impact? At Telenet Group, data isn’t just about analysis: it’s actively shaping decisions, optimising customer journeys, and enhancing connectivity. Their approach recently earned them a Data Maturity Award, recognising their ability to turn data into tangible business value.
Published on: March 04, 2025 @ 5:07 PM
Renewed collaboration will see Cognizant provide support across IT services with the aim of reducing overall costs and significantly improving the user experience
Published on: February 26, 2025 @ 10:51 AM
Over the past decade, the role of the CIO has evolved from a back-office supporting function to a central position that enables business strategy through technology. Today’s technology leaders must balance modernising legacy systems, scaling AI, and aligning IT investments with ESG goals—all while ensuring operational efficiency and security.
Published on: February 25, 2025 @ 4:14 PM
Disclaimer: This personal view on the position of Red Hat within the AI-landscape is based on the personal experience of a specialist solutions architect in application development and AI.
Published on: February 25, 2025 @ 10:33 AM
In today's digital age, The AI revolution is fundamentally changing how businesses operate while simultaneously the threat landscape is changing. Security strategies, practices, and tactics need to evolve to be more proactive, requiring a risk-informed security model to stay ahead of threats, making it imperative for organisations to adopt robust cybersecurity measures. One such measure is the implementation of an Enterprise Cybersecurity Platform, which plays a pivotal role in the fight against cybersecurity threats. This blog will explore the significance of such platforms and offer insights into the cyber risks companies face, explaining why a platform approach is essential in addressing these challenges.
Published on: January 29, 2025 @ 9:58 AM
As organisations increasingly embrace cloud technologies to drive innovation and agility, misconceptions about cloud security persist. To demystify these challenges, we spoke with Stefaan Van Hoornick, Cloud and DevOps Security Presales Engineer at Trend Micro, to explore the nuances of cloud security and share actionable insights with the Belgian CIO community.
Published on: December 18, 2024 @ 9:07 AM
In this edition of CIONET Trailblazer, we are excited to present an exclusive interview with Bart Windal, Country General Manager of IBM Belgium/Luxembourg. We dive into IBM's approach to ethical and responsible AI, showcasing how the company is leveraging its legacy as a trusted technology partner to set new standards in AI governance.
Published on: November 27, 2024 @ 10:45 AM
Welcome to another edition of CIONET’s Trailblazer, our feature series where we interview digital thought leaders. In this edition, we speak with Tom Olislagers, Chief Technology Officer Western Europe at Dell Technologies. We discuss how Artificial Intelligence (AI) is shaping the way we work, learn, and connect—and what it means for organisations, teams, and individuals.
Published on: November 21, 2024 @ 10:58 AM
In early October, Cognizant and Google Cloud hosted a workshop to lay the groundwork for Data Strategy 2025. The event brought together CIOs, CDOs, and their direct reports from various industries to start drafting their data strategies for 2025.
Published on: October 30, 2024 @ 9:34 AM
In this CIONET Trailblazer article, Stef Schampaert, Country Managing Director of Red Hat Belgium & Luxembourg shares insights into Red Hat's journey, their strategic focus areas, and how they empower organisations to innovate confidently in an ever-changing tech landscape. Key topics include Red Hat’s approach to hybrid cloud, the evolution of OpenShift, and its role in AI-driven development.
Published on: October 29, 2024 @ 11:37 AM
(English below)
Security Xperience : découvrez les nouveautés liées à la sécurité et des témoignages exclusifs
Published on: October 22, 2024 @ 10:04 AM
Until October 31, you were able to compete for the title of The Smartest Cyber Expert 2024. You needed to fill in 20 questions divided into 5 different categories: News & current affairs; Buzzwords and abbreviations; Legislation and policy (including NIS2); Technological developments; (ethical) Hacking and Fraud.
Published on: September 27, 2024 @ 10:41 AM
(English below)
Mainframe Day 2024 : découvrez comment le Mainframe s’offre une nouvelle jeunesse
Published on: September 25, 2024 @ 8:59 AM
In this edition of CIONET Trailblazer, we dive into MindWave’s unique strategy of operating between Belgium and Greece in an exclusive interview with Johan Nagels, CEO & Founder of MindWave. With a mission to solve one of the key challenges facing CIOs—finding IT resources at a reasonable cost—MindWave’s dual presence drives innovation and offers competitive solutions through nearshoring. We explore how this cross-cultural collaboration enhances their growth and how they are capitalising on Greece's emerging tech scene while staying competitive in the evolving global talent landscape.
Published on: September 18, 2024 @ 3:44 PM
(English below)
AI & Data Xperience : l’événement pensé pour l’avenir de votre entreprise
Published on: September 11, 2024 @ 2:57 PM
Etex modernises its IT foundation for a new era of sustainable innovation.
Cognizant and SAP partnered to migrate a business-critical SAP ECC environment to S/4HANA to ready Etex for future transformation and innovation.
Published on: August 28, 2024 @ 10:10 AM
LCL has managed to position itself as a leader in sustainability within the data center industry. We spoke to Laurens van Reijen, Managing Director, and Steve De Craene, Finance Manager, about how they integrated sustainable practices into their operations, the strategic insights that drove their journey, and the key takeaways from their second sustainability report. This episode of CIONET Trailblazer explores how LCL’s approach to environmental responsibility is setting new standards in the industry and offers practical lessons for organisations striving to innovate sustainably.
Published on: July 31, 2024 @ 9:20 AM
In this CIONET Trailblazer episode, together with Laetitia Dierinck, VP Business Excellence Acceleration - SME/LE, we explore the transformative leadership style that has become a cornerstone of Telenet Business's success: Servant Leadership. See how this approach empowers teams, fosters innovation, and creates a resilient organisational culture. Discover what defines this leadership philosophy and how you can integrate these principles to drive growth and engagement within your organisation.
Published on: July 02, 2024 @ 10:51 AM
About the LCL Sustainability Report 2023
This sustainability report is the second of its kind for LCL. Since the first report, they have made significant progress in addressing environmental impact, social impact, and good governance. LCL's dedication to achieving climate neutrality by 2030 remains steadfast, as does their commitment to communicate the progress. With this report, LCL wants to show how they - in the world of data centres - are paying more attention to their impact on the environment and society. The central theme of our Sustainability Report, ‘Together We Thrive’, is a testimony to their belief that collective action and connection are essential. As trailblazers in their field, they want to inspire, invite and motivate all stakeholders - customers, partners, suppliers, employees, and governments - to join them on our journey to sustainability. This report also provides an opportunity for stakeholders to see how their business is evolving and to provide feedback on LCL's sustainability performance.
Published on: June 26, 2024 @ 2:25 PM
Those who want to continue growing, innovating, and competing in the digital age must digitise. Digital transformation processes are crucial for organisations, but executing them successfully proves to be a major challenge: 70% of digital transformations fail. Why? Because one factor is often overlooked: the relationship between people and technology.
This edition of the CIONET Trailblazer Series delves into this challenge with Pascal Laffineur, CEO at Yuma. Pascal shares his insights on a successful digital transformation that people want to work with. This process changes not only the way organisations work but also their identity and culture. Therefore, when digitising, it is crucial not to overlook the human element that underlies every facet of business operations. After all, organisations operate with people to deliver value for other people.
Published on: June 21, 2024 @ 11:23 AM
Lorenzo Bernardi, Head of Security Services de NRB, nous explique comment l’entreprise basée à Herstal s’investit dans la lutte cruciale de la cybersécurité des organisations belges et internationales.
Published on: June 21, 2024 @ 11:17 AM
Lorenzo Bernardi, Head of Security Services at NRB, explains how the Herstal-based Group is committed to the crucial fight for the cybersecurity of Belgian and international organisations.
Published on: June 19, 2024 @ 12:25 PM
Enhance Your Customer Engagement with SAP Emarsys and SAP Commerce Cloud
Published on: May 31, 2024 @ 4:37 PM
Did you know that, on average, companies waste 30% of their cloud spend due to inefficiencies? As more businesses adopt artificial intelligence (AI) and migrate to the cloud, managing cloud spend has become a critical challenge. In this era of optimising operations and minimising costs, organisations are constantly seeking innovative ways to leverage AI advancements like Open AI GPT-3.5 and GPT-4 to revolutionise their business processes. However, it's important to recognise that choosing the right AI model not only impacts performance but also has significant cost implications. This is where the concept of FinOps comes into play.
Published on: May 29, 2024 @ 9:13 AM
In this edition of the CIONET Trailblazer, we sit down with Pierre Marchand, Chief Data Strategist at Cognizant, to discuss the strategic considerations behind AI investments. Pierre provides valuable insights into how organisations can identify AI projects and use cases that offer the greatest value. We explore the importance of aligning business and IT strategies, leveraging data products, and fostering collaboration to enhance AI's impact. With practical advice and proven strategies, Pierre offers a comprehensive guide to achieving successful AI adoption and maximising value creation.
Published on: April 24, 2024 @ 9:31 AM
In an age where data is as valuable as currency, organisations must understand its worth and learn how to navigate its tides. As the Product Marketing & Solutions Marketing Director for EMEA & LATAM at Denodo, Errol Rodericks has seen firsthand the transformative power of data when properly harnessed. Herein lies a chart for navigating the complexities of data-driven transformation, democratisation, ethical considerations, and the significance of data products, from the perspective of a modern-day organisation.
Published on: March 27, 2024 @ 10:49 AM
How to face the challenge of adopting advanced ‘cloud’- technology while maintaining strict security measures? That is the key question this edition of the CIONET Trailblazer Series delves into with Pieter Molen, Technical Director Benelux at Trend Micro. Pieter shares valuable insights on enhancing cloud security architectures and fostering a culture of shared accountability. Aimed at digital and IT leaders navigating the complexities of cloud security, this conversation offers innovative strategies for reducing risks and maximising business opportunities. We also explore the future of cloud computing, where innovation and security intersect to redefine digital transformation.
Published on: March 15, 2024 @ 3:29 PM
As we move deeper into 2024, it is imperative for data management leaders to look in their rear-view mirrors to assess and, if needed, refine their data management strategies. One thing is clear; if data-centric organisations want to succeed in 2024, they will need to prepare for an environment in which data is increasingly distributed.
Published on: March 15, 2024 @ 3:11 PM
Artificial intelligence (AI), machine learning (ML), and deep learning (DL) have the potential to transform all aspects of business, from customers and employees to development and operations. Building AI/ML into your applications can help you achieve measurable business outcomes. Read this e-book to learn how Red Hat can help you build a production-ready AI/ML environment that accelerates the development and delivery of intelligent applications to support your business goals.
Published on: March 05, 2024 @ 10:49 AM
Ever wonder why everyone's talking about data? It's not just a buzzword — it's the secret sauce for making smarter decisions, understanding your customers, and saving money. When you follow the data instead of gut feelings, you're on the path to better pricing, effective marketing, and products people actually want.
Published on: February 28, 2024 @ 9:11 AM
Deloitte's Tech Trends 2024 offers an outlook on how emerging technologies are pivotal to strategic business transformation. In this CIONET Trailblazer episode, Deloitte unveils the profound impact of innovations like generative AI and digital twins on industry paradigms, highlighting their role in driving competitive advantage and operational excellence. Featuring insights from Tom Van Boxstael, AI & Data Partner at Deloitte, the discussion provides a comprehensive roadmap for businesses aiming to navigate and capitalise on the digital revolution, ensuring readiness for the challenges and opportunities that lie ahead.
Published on: February 27, 2024 @ 2:01 PM
The internet we know and love today was initially built in the 1960s as a communication system that would survive a nuclear war. That is why Transmission Control Protocol/Internet Protocol (TCP/IP) was invented - to specify how computers transfer data from one device to another. However, it was also built with the vision that information should be free and that a network could and should be trusted.
Published on: February 07, 2024 @ 10:27 AM
In well-chosen, sustainable partnerships lie powerful levers. LCL therefore takes on the role of ambassador for Close the Gap (mission: reducing the digital divide worldwide) and Digital For Youth (mission: safe and easy access to a laptop for all children and youth in Belgium). By giving enterprises’ ICT equipment a second life, Close the Gap reduces waste and increases opportunities for those who have less. As a pacesetter, the data centre company shares that impactful story with its stakeholders.
Published on: January 31, 2024 @ 9:31 AM
All companies, no matter their industry, share a common challenge with their IT environment: growing complexity. To anticipate the pitfalls this complexity brings in terms of reliability, security and efficiency of IT operations, new ways of working are being adopted. These modern ways of working such as agile and continuous integration / continuous deployment already used in the world of application development, have trickled over to IT Operations and have proven their merits. ModernOps is gaining widespread adoption among companies, transcending traditional boundaries and proving to be a transformative force.
In this episode of the CIONET Trailblazer, Hendrik Devos, technology Lead at Kyndryl Belux and Marnix Gillis, Distinguished Engineer at Kyndryl talk about how ModernOps transforms IT organisations by fostering a collaborative culture that prioritises adaptability, innovation and continuous learning, ultimately driving sustainable business outcomes.
Published on: January 24, 2024 @ 3:50 PM
Can we talk about translations? We’ve heard many, many clients tell us what a hurdle translations can be. Human translation gets you the best results, but it takes a lot of time and can be expensive. Machine translation seems like a great alternative, but you never know what you’re getting. You’d almost be tempted to start copying your content and pasting it into ChatGPT for better results.
Published on: January 19, 2024 @ 2:50 PM
Canon USA works with a large network of vendors. Its finance department struggled to receive and process as many as 5,000 vendor invoices a month—most of them filled with a complex matrix of information like date ranges, machine serial numbers, meter readings, fuel fees, and other charges. On top of that, many of the invoices were created on paper documents, and much of the processing involved invoices for relatively small dollar amounts—sometimes less than $150.
Published on: December 20, 2023 @ 8:57 AM
In this CIONET Trailblazer episode, "Preventing AI Unleashed: Ethical and Legal Frontiers," we delve into the transformative impact of generative AI. Joining us are Wouter Travers, a Technology Advisory expert at PwC, and Loïc Delanghe, Senior Managing Associate IP/IT/Data law and a Certified Data Protection Expert at PwC Legal. Together, we'll explore the reshaping of industries through AI and the crucial need for aligning technological advancements with ethical and legal benchmarks.
Published on: November 29, 2023 @ 11:45 AM
In this episode of the CIONET Trailblazer, we meet Jelle Schroven, Regional Director Belux at Zscaler. Together, we delve into how Zero Trust, traditionally a security framework, is evolving into a crucial enabler for business transformation. This discussion not only focuses on Zscaler's implementation but also on the broader application and impact of Zero Trust in the industry.
Published on: October 25, 2023 @ 9:21 AM
In this CIONET Trailblazer episode, we're joined by Olivier Lallemand, Chief Operations Officer, Applications at NRB. We'll question whether organisations should employ multiple cloud computing services rather than relying on one. With Olivier's expertise, we'll uncover strategies, real-world applications, and practical insights essential for navigating the challenges of single or multi-cloud environments.
Iona Catholic Secondary School defends its endpoints confidently with Trend Micro
John Trembly, Technical Specialist at Iona Catholic Secondary School, shares his insights on the benefits of using Trend Micro Apex One for endpoint security. This comprehensive solution provides robust protection against cyber threats while offering valuable visibility into the school's network infrastructure.
WHAT IS OUR PRIMARY USE CASE?
We use Trend Micro Apex One™ for endpoint security. We are using the SaaS version of Trend Micro Apex One.
I like the way Trend products integrate with each other. The Trend Micro Apex One servers are all tied into Central, which is now integrated into my Trend Vision One™ console. The on-premises stuff is also integrated with Azure.
HOW HAS IT HELPED MY ORGANIZATION?
I am confident in Apex One's capability to defend endpoints against threats like malware, ransomware, and malicious scripts.
Apex One has predictive machine learning and behavior monitoring, which are essential for endpoint security. Our file scan also scans the memory for malware. Behavior monitoring is particularly effective at detecting ransomware attacks because it can check for unusual encryption methods.
I like the way Trend products integrate with each other. The Apex One servers are all tied into Central, which is now integrated into my Vision One console. The on-premises stuff is also integrated with Azure.
We use a single dashboard through Apex Central to view detections, threat hunting, and investigations. The visibility through the single console is important. When we open the dashboard, it tells us what it has found. For example, I am currently looking at the SaaS version. If I go to ApexOne, I can see all of the agents that are currently connected. It takes a few moments for all of the agents to load. We are currently in a downtime during the summer months. We are a school board, so there are fewer staff members on-site, and not all of the schools are open. We have 12,000 employees and 80,000 students. However, not all of the students are online right now as they would be during the school year. Next Friday, we will have more staff members in the office. When school starts after the Labor Day long weekend in Canada in September, everyone will be back online. Currently, the dashboard only shows 9,140 agents. Last week, it showed 6,400 agents. I have the system set up to remove inactive agents so that the system does not have to constantly scan a bunch of systems that are not even there. I have seen up to 17,000 endpoints on our system.
Vision One is now monitoring my Cloud One workload security and My Cloud Central. This means that Vision One is collecting data from both systems and giving me a comprehensive overview of my security posture. When I open Vision One, I will be able to see visibility into my entire organization. I have configured Vision One to send data to our Syslog server and receive data from our Qualys server. The Qualys server scans my servers for vulnerabilities and reports back to Vision One. I have also set up a service gateway and a workload security data center gateway. The workload security data center gateway feeds data from my VMware ESX servers into Vision One. This allows Vision One to see the real-time status of our VMs, including which ones are powered on, which ones are running the Deep Security Agent, and which ones are still running on my on-prem Deep Security server. Vision One provides me with a risk overview, an exposure overview, and an attack overview. This information includes details about credential access, lateral movement, collection impact, and suspicious mail forwarding rules.
We have our Azure system for Office 365 and on-premises Azure Active Directory also connected to Vision One. This means that Vision One can see all logins to our Azure system and our on-premises AD. I have agents running on our on-premises directory controllers, so this data is also being fed into Vision One. Vision One can also see our Azure domain controllers and our DMZ. I receive alert emails when something serious happens. I haven't received any of these emails since we started using Vision One. However, I receive emails about endpoints that have had files quarantined. The file on the endpoint was too large to move to the main server quarantine, so Vision One just gave me a small error message. Currently, the endpoint protection dashboard shows that out of 19,678 endpoints, agents have been deployed on 13,675. This includes Macs. The dashboard shows one Linux endpoint, which is my service gateway. There are 882 Mac OS endpoints, which is lower than the usual number of 1,100 because not all of them are turned on. There are 12,792 Windows endpoints. The dashboard also shows that 6,003 endpoints have no security protection. These endpoints likely include network equipment, certain Linux servers that are not running Trend Micro software, and proprietary operating systems that are used by our network team and other IT groups. There are also endpoints that are listed in our Active Directory, but they are either turned off or do not have any active systems. Updates are applied on an hourly basis. If an exploit gets through and an endpoint has not been updated, it will receive the update on the next cycle. The most common reason for an endpoint not receiving an update is a network issue or the endpoint being powered off. Once an endpoint goes online, it is configured to automatically retrieve security updates from the server, or directly from Trend Servers over the internet if the server is unavailable. The first thing the endpoint does when it goes online is update its security patches, signatures, and scan engines. When a detection is made, the endpoint first deletes the file and quarantines it. It then blocks the action of whatever the file was trying to do. The endpoint's virtual patching, behavior monitoring, and predictive machine learning then stop any unusual activity. This may even include an activity that is supposed to happen. We have had members of our ICT department complain that they were unable to install software because the antivirus protection was blocking it. In some cases, we have groups within our organization that are responsible for maintaining their own servers. When they are doing upgrades, they may schedule us to temporarily disable the antivirus protection so that they can complete the upgrade. Even if malware does not get detected by the web reputation system and is downloaded by a user, it may still be detected by the signature-based malware detection system. If it is not detected by either of these systems, it may still be blocked if it tries to contact its master. These master addresses are often common addresses on the internet that are used by bots to communicate with a server that is maintained by the threat actor. If a bot is blocked from contacting its master, it will be unable to function. If we see a large number of bots being blocked, we will investigate the system to see what is causing the issue. In many cases, it turns out to be a legitimate activity that is being blocked by the system. For example, we may have custom scripts running on certain servers that look suspicious to the system. We can manually whitelist these scripts so that they are not blocked. Overall, the system is designed to be overprotective. This is because it is better to block something that is legitimate than to let malware through. We can always fix a false positive, but it is much more difficult to fix a security breach.
I started using Apex One in August 2020. I learned how to move agents, install software, and get the agent onto the server. I also learned from the documentation, knowledge base, forums, and other users. I found Apex One to be more difficult to learn than PaperCut because the terminology and concepts are different. PaperCut is just about printing and monitoring, while Apex One is about cybersecurity. There are also many caveats to consider with Apex One. I found the scan settings to be particularly challenging. Trend Micro has helpful best practices documents, which I used to learn what the normal settings are for servers and workstations. For example, servers don't need to be scanned for office document exploits because they typically don't have Office installed. I also learned that it's important to balance security with performance. We don't want to scan servers so heavily that it slows them down, but we also don't want to skip important security checks. In January 2021, we changed our policy on security settings. We now tell users that if there are any problems, we will fix them. We would rather have a small problem that we can fix quickly than have to restore a server from backup, which can take days.
ApexOne provides virtual patching, also known as vulnerability protection, to protect against vulnerabilities before they are exploited. Deep Security and Workload Security call this feature intrusion prevention, but it is essentially the same thing.
WHAT IS MOST VALUABLE?
Workload security now has a feature called Activity Monitor for each endpoint. This is a free version of their Endpoint Basecamp product that is automatically installed with every Apex One agent. Even if we are not licensed for Endpoint Basecamp, it will still be installed. On the servers, I had to remove the Endpoint Basecamp and then deactivate and reactivate the workload security agent to get the Activity Monitor working properly. However, I am glad that we get free monitoring for our servers, even though we do not get it for our workstations.
The agent program version column in the agent screen, we could never sort by. It's so handy to be able to sort by that now. We can go to one end of the scale to see the lowest agent version, and then go to the other end to see how many are updated to the latest agent.
WHAT NEEDS IMPROVEMENT?
Microsoft's new Azure Code Signing is causing a lot of issues for us with Apex One. We currently have two systems in operation, on-prem and SaaS, and many of the agents won't upgrade beyond version B11564 because these newer versions require Azure Code Signing compliance on the endpoint. If we are not up to date with our Windows updates, we don't have this compliance. Irrespective of the Windows version we are running, we have to apply patches to the machines, if the OS is not damaged, to make them compliant. After that, we can upgrade to the latest version of the respective agent. This process also applies to both Deep Security and Workload Security.
I have two production servers: one for Windows and another for Mac. These servers are available in both on-premise and SaaS versions. Additionally, I have a test server that is located on-premises. The significant distinction with the SaaS version is the absence of a test server where I can install a new version. This means I can't allow the agents on it to upgrade and then perform testing. In contrast, with the production SaaS version of Apex One, I have numerous agents transitioning and coming online. It's essential that these agents upgrade to a newer version. Among these agents, there are five or six different versions, not counting the really old ones that have yet to upgrade due to ACS noncompliance. I can't leave the testing phase for an extended period because I still have outdated agents that need to be updated. These agents can't be left hanging while I wait to test the newest version that has just been released. New versions seem to come out every couple of months in the SaaS environment. In the past, when I solely used the on-premises version, I would review security bulletins for the SaaS version to identify any issues. I'm apprehensive about potential future situations involving this, primarily because the majority of our agents now operate on the cloud version. If a problem is discovered, rolling back on those agents would be challenging. It would require careful operation to revert them to a different version.
The on-premises version of Apex One has an update function that allows us to manually update a bunch of servers. For example, if I just turned on a policy, I can force the agents to quickly download the policy and start following the update procedure or update settings. However, this function is not available in the SaaS version. This is because the system cannot communicate with the agent through the firewall. The SaaS version has an automatic update function and an update source entry in the update agents sub-menu, but it does not have a way to force agents to update. This is a problem because we cannot automatically update the agents. We have to manually log in to the machines and give them an update command. Currently, we have no choice but to wait until the agents find the updates themselves.
I am confident in Trend Micro Apex One’s capability to defend endpoints against threats like malware, ransomware, and malicious scripts.
FOR HOW LONG HAVE I USED THE SOLUTION?
I have been using Trend Micro Apex One for three years.
HOW ARE CUSTOMER SERVICE AND SUPPORT?
I have the enterprise version, so I can usually talk to someone in the Philippines even during after-hours. I only do this when it's something that can't wait until the next day. If it can wait, I'll let it go until then. But if something is broken and needs to be fixed right away, I'll get in touch with the Philippines team. They have some good people there, and the support is really good. I think Trend's support is probably the best of any of the vendors I work with.
I have a few open tickets, and one of them involves the developers. They keep coming back to me with questions that they have passed on to the service representative I'm working with. The developers want to know why I'm seeing something that they think I shouldn't be seeing. I'm generating a report that is supposed to show me all the endpoints on our workload security server that do not have agent self-protection enabled. This is part of the Vision One report. One of the endpoints that the report identifies is our service gateway. It is running Ubuntu Linux and has a Deep Security agent installed, but agent self-protection is not enabled by default. There is a way to enable it, but it's not typically done for Linux systems. Agent self-protection prevents unauthorized configuration of the Trend Deep Security agent service settings. This means that we can't change or stop the service without first disabling agent self-protection.
HOW WOULD YOU RATE CUSTOMER SERVICE AND SUPPORT?
Positive
WHAT OTHER ADVICE DO I HAVE?
I would rate Trend Micro Apex One ten out of ten.
My concern arises when an endpoint lacks Apex One, as we are not actively monitoring for this. While we possess a scanner, this is why I intend to maintain the on-premises system's functionality. I plan to transition away from the deep security system and migrate the application team to the cloud version, although this transition process is currently pending. I need to retain the on-premises Apex One primarily for assessment scanning purposes. This involves scanning all items listed in our active directory, along with the subnets for our VPN, to identify unprotected endpoints. During a recent scan, I identified nine such endpoints and proceeded to install the agent on them. Occasionally, there are instances where the agent won't install, but no error message indicates a connection issue or existing installation. Some of them show as not having the agent installed, even though they do, which can happen when the endpoint is booting up during the assessment scan and the agent hasn't yet been loaded. Resolving this is relatively swift, although there are instances where devices not compliant with ACS will trigger a message stating that the agent cannot be loaded. These devices are then flagged, and I work on making them ACS-compliant to ensure proper agent protection.
The noteworthy aspect of Apex One is that we didn't begin using it extensively until the third quarter of 2021 when vulnerability scanning was initiated. Although we had an Apex Central server, we were not using any policies on it. To enable Vulnerability Protection, we needed to implement endpoint policies in Apex Central. Vulnerability protection involves virtual patching, where regular scans check our operating system's vulnerability to known exploits. It also includes monitoring applications for vulnerabilities and guarding against those vulnerabilities until they can be patched. This process is largely automatic, as the rules to counter cyber threats are introduced until the system is patched, at which point they are removed automatically. In contrast, on the Deep Security side, I need to execute this process manually. A weekly automated scan takes place, followed by an emailed report. This report aids in identifying missing policies or necessitated rule adjustments based on scan findings. We have to constantly monitor the systems to make sure it is okay. I have email alerts coming in from Trend Micro Apex One, and Central Systems. I have folders for workload security, deep security, and Trend Micro in my inbox. I check these folders even when I'm not online to make sure there are no major alerts. In a way, this gives me peace of mind. As long as the agents are running properly and there is enough memory and disk space, everything is fine. However, I still have to manually check the Apex One System Event Log to see if any Apex One endpoints are running out of memory or disk space. We also use SCCM. I set up a scheduled script to create a report of all endpoints with less than 1 gigabyte of disk space. I put this report in a folder that is accessible to all of our school techs and team leaders. This way, they can check the report periodically to see if any endpoints need to be reimaged or have some garbage removed from the disk.
Digital Transformation is redefining the future of health care and health delivery. All stakeholders are convinced that these innovations will create value for patients, healthcare practitioners, hospitals, and governments along the patient pathway. The benefits are starting from prevention and awareness to diagnosis, treatment, short- and long-term follow-up, and ultimately survival. But how do you make sure that your working towards an architecturally sound, secure and interoperable health IT ecosystem for your hospital and avoid implementing a hodgepodge of spot solutions? How does your IT department work together with the other stakeholders, such as the doctors and other healthcare practitioners, Life Sciences companies, Tech companies, regulators and your internal governance and administrative bodies?
Read More
The Telenet Business Leadership Circle powered by CIONET, offers a platform where IT executives and thought leaders can meet to inspire each other and share best practices. We want to be a facilitator who helps you optimise the performance of your IT function and your business by embracing the endless opportunities that digital change brings.
Read More
Découvrez la dynamique du leadership numérique aux Rencontres de CIONET, le programme francophone exclusif de CIONET pour les leaders numériques en Belgique, rendu possible grâce au soutien et à l'engagement de nos partenaires de programme : Deloitte, Denodo et Red Hat. Rejoignez trois événements inspirants par an à Liège, Namur et en Brabant Wallon, où des CIOs et des experts numériques francophones de premier plan partagent leurs perspectives et expériences sur des thèmes d'affaires et de IT actuels. Laissez-vous inspirer et apprenez des meilleurs du secteur lors de sessions captivantes conçues spécialement pour soutenir et enrichir votre rôle en tant que CIO pair. Ne manquez pas cette opportunité de faire partie d'un réseau exceptionnel d'innovateurs numériques !
Read More
CIONET is committed to highlighting and celebrating female role models in IT, Tech & Digital, creating a leadership programme that empowers and elevates women within the tech industry. This initiative is dedicated to showcasing the achievements and successes of leading women, fostering an environment where female role models are recognised, and their contributions can ignite progress and inspire the next generation of women in IT. Our mission is to shine the spotlight a little brighter on female role models in IT, Tech & Digital, and to empower each other through this inner network community.
Read More
-Apr-01-2022-10-58-34-57-AM.png)
-Dec-13-2023-10-53-15-5032-AM.png)
-Jun-12-2023-01-23-11-7540-PM.png)
-Apr-01-2022-10-58-34-68-AM.png)
-2.jpg)
-Sep-01-2022-02-47-55-60-PM.png)
-Nov-22-2023-08-56-42-6802-AM.png)
.png)
.png "be-page-banner (1)")
