"If we start relying too heavily on the use of AI, we risk losing human creativity"
At a time when cyber threats are becoming increasingly complex, many organisations still struggle to get their basic security in order. According to Bert de Jong, Principal Expert Cybersecurity at Sopra Steria, this remains a significant issue: “You’d expect that by 2025, organisations would have their security sorted, but nothing could be further from the truth.” A conversation about his field, the Security Operations Centre (SOC), and whether artificial intelligence (AI) is truly going to transform the sector.
SOC as the central line of defence
As the head of the SOC at Sopra Steria, De Jong leads a team that monitors the digital safety of clients 24/7. The SOC acts as the central line of defence against digital attacks. The team analyses suspicious network activity, responds to incidents, and carries out forensic investigations and threat intelligence. Speed is crucial to limit the damage. The aim is to identify threats as quickly as possible and either mitigate or prevent them, ensuring the minimal impact on the organisation.
The SOC’s strength lies not only in technology and expertise but also in collaboration with other SOC teams. Within Europe, Sopra Steria works with over 2,000 security professionals who exchange knowledge and tools. This collective approach ensures faster detection of emerging threats and more effective response.
From helpdesk to cybersecurity expert
De Jong has long been active in the world of digital security. His career began at the Ministry of Defence, where he progressed from the helpdesk to the SOC, discovering his passion for cybersecurity along the way. He later worked at the National Cyber Security Centre, focusing primarily on incident response and threat intelligence. After running his own business, he eventually joined Sopra Steria, where he not only leads a team of security specialists operationally, but also contributes to strategy, business development, and coaching colleagues. He also represents Sopra Steria externally by attending events, giving presentations, and writing blogs. Most recently, he wrote a blog in response to the NATO summit in The Hague about addressing threats in the context of temporary events.
Structural cybersecurity challenges
According to De Jong, there are several structural challenges in cybersecurity. First and foremost is the fact that many organisations do not have their basic measures in place. He often sees companies failing to implement essentials such as multi-factor authentication, backups, and system updates. “I can’t stress this enough, if you have your basic measures in order, combined with a continuous risk management process, you’re already a long way towards improved cyber resilience,” De Jong emphasises.
The human factor also remains a vulnerable link. It is vital to raise employee awareness of risks, but De Jong warns it’s unrealistic to expect staff to recognise every phishing email. Organisations that are immediately compromised when someone clicks a malicious link clearly do not have their security set up properly. Moreover, many organisations still believe they are “not interesting enough” for attackers, even though they are targeted daily by automated scans and intrusion attempts.
Rapid evolution of cyber attacks
Another key challenge is the speed at which cyber attacks evolve. De Jong explains: “It’s the classic cat-and-mouse game. Attackers are constantly inventing new methods, and we must anticipate them. Although 100% security is impossible, a solid risk-based approach can intercept around 80–90% of attacks.”
There is also the global shortage of well-trained specialists. Estimates suggest that an additional one million cybersecurity professionals are needed worldwide to meet current demands.
Supply chain attacks, where hackers attempt to gain access via suppliers, are also a growing threat. De Jong gives an example in which a customer’s supplier was hacked, and malicious emails were sent from that compromised channel. Thanks to timely detection, further damage was avoided, but it underscores the importance of securing the entire supply chain.
Elevating cybersecurity to board level
To address all these challenges, De Jong advocates placing cybersecurity at the right level within organisations. “What we still see too often is a CISO being appointed and made responsible for everything, while ultimate accountability should lie higher in the organisation. Fortunately, the NIS2 directive now includes this, making cybersecurity a board-level responsibility.”
Deepfakes and quantum computing
New technologies bring new risks as well as opportunities. Deepfakes - AI-generated fake video and audio - are, according to De Jong, a new kind of threat that will require new defence strategies. Quantum computing is also on his radar, as it could pose a threat to current cryptographic standards. “With this technology, encrypted data can be deciphered extremely quickly. Fortunately, there is now symmetric cryptography that is considered quantum-proof. The National Cyber Security Centre has published useful guidance to help organisations prepare and migrate to stronger cryptographic standards.”
In the search for smarter security, De Jong is also exploring SOAR (Security, Orchestration, Automation & Response) technology, which automates the handling of less critical security alerts. This allows analysts to focus on complex matters that require human interpretation.
AI versus human creativity
De Jong has mixed feelings about the use of AI. He sees its potential, for example in analysing data from various sources, but remains unconvinced that AI will fully deliver on its cybersecurity promises. “My main concern is the loss of human inventiveness and creativity. I worry that we’ll start using AI for everything and just run a prompt. You’re then only as effective as the prompt you give and the AI you use. In incident response today, it’s still human ingenuity and outside-the-box thinking that help identify what’s really going on. If we rely too heavily on AI, I fear we’ll lose that experience, and that would be a real shame.” He believes AI should be viewed as a tool, not a miracle solution.
De Jong’s message is clear: effective cybersecurity demands a solid foundation, continuous vigilance, and strategic use of technology - all while preserving the irreplaceable power of human ingenuity.