Dubex: A 25-year journey in cybersecurity so far

25-years ago Dubex was founded. Back in those days, in 1997 to be precise, Dubex was founded with a vague vision of providing security for computer systems and the Internet. Looking back, it feels like way more than 25-years has passed.

A look back to 1997

Back in 1997 at the very end of the last millennium, the Internet was just starting to become known outside the universities and the academia. There were still some discussions whether the Internet were to be taken seriously or if it was just another hype that soon would disappear. Amazon was just a small company founded in 1994 and Google was only founded in 1998, a year after Dubex. Searching on the Internet had to be done using the search engine Alta Vista using a Netscape Navigator web browser. This is a little difficult to understand today where anyone younger than 25 perceives the Internet as an absolutely integrated and necessary part of life.

In 1997 no one would know what you were talking about if you complained about “missing 4G in the car to be able to watch YouTube on your iPad”.

Also, the threat landscape was very different and in many ways the Internet was more friendly than today. Today’s highly organized criminal groups did not exist yet, and besides a few persons trying to steal credit card information with very simply means, most hacking was done for fun and fame. This led to form the stereotype that still last – hackers mostly being young boys sitting at home in their room eating pizza and drinking Cola while hacking big companies. The intelligence services were just discovering what could be accomplished on the Internet, but not what threats it could contain.

After today’s standard the security level was ridiculously low, and no system would have survived many seconds in today’s threat environment. Most software was sown with huge amounts of vulnerabilities and was very seldom updated, as it had to be done manually. Most traffic was unencrypted, almost no-one used two-factor authentication and passwords were only a few characters long. Finally, updates for antivirus software were distributed once a month on 3.5” floppy disks that you had to remember to install.

Talking to customers was very different from today as the Internet was not top of mind anywhere. Mostly the first step was to explain the Internet and the dangers within, and that security is required. Usually, the Internet related tasks were given to the most network-technical employee and it was pure luck ever talking to an IT-manager. But of course, at that time the internet was just nice-to-have and in no way critical for the business.

… and fast forward to 2022

Telling the entire story of Internet security and Dubex between 1997 and today would require an article the size of a large novel, so instead some of the most important changes will be highlighted.

The biggest fundamental difference between 1997 and today is that the entire Danish society has become digitalized to a degree no one dared to dream of in 1997. The digitalization encompasses the way our businesses operate and how we live our day-to-day life. Also, the entire physical world around us is becoming more and more digital. This digitalization has been built on top of an Internet that is extremely vulnerable, but at the same time also shows great resilience and adaptability. This development has changed the Internet from a convenience to an extremely important necessity for our society, and the need for cybersecurity has become mandatory.

This means that cybersecurity has moved from a dark corner in the it-department to the executive management and the board. Today, the consequences of a cyber incident can be so critical that a company can suffer significant losses and in worst case risk bankruptcy. Cyber incidents have the potential to put our entire society to a halt and threaten our way of life. This makes cyber- and information security an inevitable topic, that the management need to understand and be involved in. For us in Dubex, this means that our conversations today are often at the management and board level, not about technical discussions, but about aligning business needs with security. Security has become an essential business enabler and license to operate.

Today’s it-systems are inconceivable more secure than the ones back in 1997, but at the same time the complexity has risen. There are way more attackers and they have become much more skilled. This means that the probability of experiencing a cyberattack today still are significant, but because of our dependency on digital solutions and the attackers having a malicious intent, the risk considering the consequences are that much higher.

The threat landscape also have changed significantly – mostly from people hacking for fun and fame, to very well-organized and well-funded criminal syndicates in mafialike setups and governmental intelligence services. This means that organisations are unable to match their adversaries, and the only way to have a chance is to work together and share knowledge.

The technology has become much more advanced over the past 25-years and many paradigms has changed, for instance with the introduction of cloud services. The security technologies have also become more and more advanced. This has led to a change in the requirements regarding the needed skills and competencies. In many areas security has become much more specialized. This means that it is very difficult for ordinary organisations to have all the necessary skills themselves, making cybersecurity more and more a delivered service where the provider can have the critical mass.

What a development in only 25-years. The pace of evolution in digitalization and security has accelerated wildly and nothing indicates the pace is slowing down anytime soon. This means that security will keep developing for the years to come – and there is still a long and exciting journey ahead of all of us.

Thank you for the first 25-years. We are looking forward to the next and what they might bring.

25-year anniversary reception

We are celebrating our anniversary May 12th in Søborg. Everyone are welcome, but we would appreciate that you sign up if you plan on attending. 

Sign up and find more information here: dubex.dk/event/25-year-anniversary-reception/

We look forward seeing you!

Address tomorrow’s challenge, today.

Talk to an expert about how we can secure your business