Anthony Moillic has over 20 years of experience in the IT world. After starting his career at the European Science Foundation as the IT manager, he joined FastLane Technologies which was quickly acquired by Quest Software. At Quest, he started as an SME on Microsoft technologies and then developed the consulting team in different regions of Europe. He held several positions at Quest over time (Technical Director, Microsoft Alliance Manager and even Country Manager). When Quest was acquired by Dell, he led the PSO team for the EMEA region. For 4 years, he opened and grew METSYS (a Microsoft pure player service company) in the South-West of France and founded a software company.
Anthony is now Director, Solutions Engineering at Netwrix for the EMEA & APAC regions. Anthony’s main responsibilities are to ensure customer satisfaction, the expertise of our partner ecosystem and to be the technical voice of Netwrix in the region.
Recently, in an exclusive interview with Digital First Magazine, Anthony shared his career trajectory, insights on the cybersecurity trends to watch out for in 2024, his current roles and responsibilities at Netwrix Corporation, future plans, words of wisdom, and much more. The following excerpts are taken from the interview.
Anthony, can you tell us about your professional background and areas of interest?
I studied to be a computer engineer and soon started working for software companies, mainly based in the US, helping them to understand better their IT systems. I started as a pre-sales consultant and quickly took on responsibilities as technical director, alliances manager, country manager and professional services manager.
I have a lot of interests, including the evolution of IT, cybersecurity and artificial intelligence (AI). But I have to admit that my main interest is my family.
According to you, what are the cybersecurity trends to watch out for in 2024?
One of the key trends will be a shift toward cyber resilience, which is a focus of new regulations such as NIS2 and PCI-DSS 4. NIS2, an update to the European Union’s NIS regulation, is designed to strengthen cybersecurity across EU member states. To ensure compliance, businesses should focus on strengthening their identity and access management (IAM) and data access governance (DAG). Similarly, PCI-DSS 4 is an updated regulation from the five major credit card companies. One of its main requirements is to implement multifactor authentication (MFA) in accordance with NIST Zero Trust architecture guidelines.
Additionally, everyone is obviously thinking about the emergence of AI and the contribution it can make in defending against cyberattacks. But we shouldn’t forget that these same AI technologies can also help attackers to find new access vectors, for example, by making it easy to collect more complete social intelligence or by helping cybercriminals exploit vulnerabilities more quickly. As ever in the field of cybersecurity, it’s going to be a game of cat and mouse, with the focus always on improving your security posture.
What do you think are the biggest threats for companies at the moment, and what are common weaknesses in IT security strategies?
Companies should be particularly concerned about the supply chain as a potential way to compromise their systems. The seriousness of this threat is reflected in regulations like NIS2. The greatest challenge to covered entities and other companies will be to establish a process for auditing their systems for weaknesses in the face of attacks and improving their security posture as quickly as possible. To do that, companies need to understand who has access to what and closely manage those privileges. In addition to the IAM and DAG solutions I mentioned earlier, privileged access management (PAM) is crucial for defending against supply chain threats.
One of the biggest weaknesses I encounter daily is the complexity of Active Directory and a corresponding lack of visibility into it. Companies should take into account that AD has been around for almost 25 years, and its management, history, content and uses are generally misunderstood. This year, AD security is still in the spotlight, with a focus on strengthening management, enabling real-time threat detection and responding to attacks as soon as they occur.
Tell us about your role as Field CISO EMEA & APAC at Netwrix Corporation.
My job is to help our partners and customers better understand security risks and improve their cyber resilience. This means keeping up to date on cybersecurity trends and issues to help shape Netwrix solutions to serve customers effectively, both today and tomorrow.
I’m lucky enough to manage a team of seasoned cybersecurity professionals located all over the world and working remotely. I draw on them to help me understand the diverse cultures at organisations across all the regions we cover.
What does working in cybersecurity mean on a practical level, and what kinds of skills/personality traits are an asset in this field?
Working in a high-tech field like cybersecurity obviously requires technical skills, along with keeping those skills up to date as technology rapidly advances. But traits like curiosity and empathy are equally important.
In your academic or work career, were there any mentors who have helped you grow along the way? What’s the best piece of advice you have ever received?
I’ve been lucky to have mentors throughout my career who have helped me take full advantage of my duties. Being successful in your career depends on you, of course, but it’s also important to understand that it also depends on your network, both inside and outside the company. Having one or more mentors is part of this.
There are a few adages I keep in mind, such as “When you have to make a decision, if you have a doubt, it’s not a doubt.”
Recently, Netwrix Corporation won the ‘IT Security Superhero Award’ at the RISK Conference, 2023. What is the secret sauce behind this prestigious recognition?
We were indeed honored to receive this award. I think it’s the result of long-standing cooperation with our partners in the field. That joint work, coupled with ongoing training, helped us to gain a better understanding of our customers’ projects and to listen carefully to their security needs, whether they’re large or small.
Where would you like to be in the next 5 years?
I’d love to be still with Netwrix. As a company, we’ve come a long way in the last three years, and I’m sure we’ll continue our success in the cybersecurity sector through innovation and acquisition. It’s a very lively sector, and I’m lucky enough to be doing an exciting job at a company with a bright future.
Which technology are you investing in now to prepare for the future?
It’s obvious that large language model (LLM) is a topic worth investing in. However, the intensive use of LLMs and AI poses real problems in terms of resource consumption, especially water. Compared to CPUs, the GPUs used for AI require considerably more water to cool them, and we’ve seen that Microsoft’s estimates in this area have turned out to be very misjudged. That’s why I’m investing in sustainable programming, eco-programming and other energy-saving innovations in parallel with AI progress.
What advice would you offer others looking to build their career in cybersecurity?
Cybersecurity requires a number of character traits: curiosity, passion for technology, empathy and a genuine desire to understand. When it comes to managing relationships with partners or colleagues, I emphasize developing trust and a willingness to listen.