George Patsis is the founder and CEO of Obrela and has a proven track record in developing large-scale innovative security programs for major Global 500 companies. In an exclusive interview with Cyber Intelligence, he explains why a global approach is needed to fight cybercrime.
Cyber Intelligence: Cybercrime has evolved from hackers into a multi-trillion-dollar global industry. What changes have you seen in your career of fighting cybercrime?
George Patsis: This is a philosophical discussion shaped by the evolving changes in the human and society conditions. Ten years ago, digital communications and laptops were supplementary tools in people’s lives and perceived as an extension of our natural world. Today, we are witnessing the evolution of a full-scale digital transformation leading to an entirely new domain: cyberspace. Much like the air travel leading to partitioning of the skies, or the British Empire’s domination of the seas or the space quest. Whenever humankind discovers new domains and frontiers, the absence of clear leadership and authority often leads to conflict and crime. In the American Old West, every town had its own safe, and criminals tried to rob it. In the same way, the new digital frontier of cyberspace is driving demand for companies like OBRELA to protect their digital assets. But we need more than just individual Cybersecurity companies to protect us across the new threats in cyberspace. In the absence of a central cybersecurity authority, cybercriminals operate with near impunity—facing little resistance, no clear attribution, and a remarkably low risk of consequences
Cyber Intelligence: Can you explain how this takes place?
George Patsis: Cybercriminal groups attacking targets in the US and Europe are frequently based in countries such as Russia, Iran, etc, while routing their attacks via third-party nations, such as Thailand or Pakistan. By the time their IP is traced, it is usually too late. Even then, there is little chance of apprehending them unless there are advanced attribution mechanisms, threat detection systems, and coordinated incident response protocols in place by the companies. Moreover, there is no truly global law enforcement body dedicated exclusively to cybersecurity with the authority, infrastructure, and reach needed to effectively trace and apprehend cybercriminals across borders. A fully integrated international framework—essentially a cybersecurity equivalent of Interpol—remains a critical gap in the global response to cybercrime. Ultimately, the only sustainable solution to international cybercrime is the creation of a global cybersecurity framework—uniting regulation, law enforcement, and intelligence under a shared mandate to protect the digital world.
Cyber Intelligence: The number of third-party services used by organizations across all sectors has grown exponentially over the last 18 months. For example, staff members routinely have unsecured access to artificial intelligence (AI) services such as ChatGPT and can unwittingly cause security breaches or, at the very least, leave themselves open to targeted spear-phishing attacks. What can organizations do to protect themselves against this rapidly evolving threat?
George Patsis: This is a big subject. Supply chains are very long and incredibly difficult to secure. No single organization can hope to handle this problem alone, and each sector must address the challenge collectively. The German auto industry, for example, is laying down industry-wide standards and protocols to secure its supply chains. German companies invest in solutions that offer accreditation in the form of a certificate or card or the equivalent to ensure manufacturing companies comply with security requirements. The US is also adopting similar frameworks by doing this in the banking sector. In Europe, we also need industry-wide security standards that can scale across multiple sectors to ensure cyber security embedded in European products.
Cyber Intelligence: This year, international organizations in the US financial sector will face extremely heavy fines imposed by the European Union (EU) Digital Operation Resilience Act (DORA) if they fail to protect critical assets. How should they go about identifying these assets?
Gsorge Patsis: It is the classification of digital assets that is crucial. But it can be very challenging. The reason is the rapid evolution and volume growth of the data that all types of organizations now hold. Categories must be classified according to risk, regulation, ownership and standards, and who has access to data. By deploying the right mechanisms to protect their digital assets, organizations can significantly reduce the risk of facing steep penalties while ensuring robust security and compliance.
Cyber Intelligence: What new techniques being used by cybercriminals are the most dangerous for unsuspecting organizations? For example, voice and video deepfakes are being increasingly used to dupe unsuspecting staff members.
George Patsis: The digital world is constantly becoming increasingly complex, and cybercriminals are evolving as fast. Deepfakes are being used to target high-profile individuals across all sectors, making attacks more convincing and harder to detect. Again, the only real solution is for the digital equivalent of a body such as Interpol specifically dedicated to fighting cybercrime on a global basis. Without unified international coordination, enforcement, and intelligence-sharing, cybercriminals will continue to exploit jurisdictional gaps and operate with near impunity. This is not something that will ever be successfully tackled by single organizations or even single countries.
Cyber Intelligence: Thank you.
