Tech Insights from Innovative Minds: Răzvan Axinia, Cybersecurity Specialist in our SecOps Department

All businesses rely on technology for day-to-day operations, data management, and communication. This dependence makes them vulnerable to cyber threats, including phishing, system compromises, and data breaches. Eventually, these risks can lead to financial losses, operational disruptions, and reputational damage. The harsh truth? No company is immune to these threats.
 
At ASSIST Software, we embed cybersecurity into every aspect of our operations. Our dedicated department works around the clock to monitor internal systems and safeguard client data. Thus, implementing extensive risk assessments and adopting the latest security protocols help us stay ahead of emerging threats. As cyber attackers continuously refine their tactics, we must adapt swiftly and focus on identifying potential vulnerabilities firsthand.

"Quantum computing has the potential to break widely used encryption algorithms, especially those based on RSA and ECC, by leveraging Shor's algorithm to factor large primes exponentially faster than classical computers. This threatens the foundational trust model of secure communications, such as TLS, VPNs, and digital certificates.

To prepare, companies should:

➢ Inventory cryptographic assets: Know what algorithms and keys are in use across your infrastructure.

➢ Adopt crypto-agility: Build systems flexible enough to swap cryptographic algorithms without massive reengineering.

➢ Follow NIST's post-quantum standardization: NIST is finalizing quantum-resistant algorithms like CRYSTALS-Kyber and Dilithium.

➢ Run pilot programs: Begin testing these algorithms in controlled environments.

➢ Monitor vendor roadmaps: Work with software and hardware providers to understand their PQC transition plans. 

From my own experience, many companies overlook the importance of crypto-inventory. I once led an assessment where legacy hard-coded RSA keys were buried deep in embedded devices—a huge blocker for future transition. 

The urgency comes from a strategy that hackers and nation-states are suspected of using today: "Harvest Now, Decrypt Later" (HNDL), also called "Store Now, Decrypt Later." This means an adversary can intercept and save your encrypted data today, with the intention of decrypting it once they have a quantum computer in the future, even if it takes years to build a quantum capable of breaking encryption.  

Post-quantum cryptography isn't a future problem. It's a present planning challenge. Early preparation today means secure resilience tomorrow."

"Companies today face a few standout threats, the most pressing being phishing and social engineering, ransomware, cloud misconfigurations, and supply chain vulnerabilities. From my experience, attackers often opt for the simplest entry point: tricking people rather than hacking machines.

Here's how to avoid:

  1. Phishing & social engineering: Train employees regularly (including phishing simulations) and enforce multi-factor authentication. Following NIST guidelines, layered defenses like email filtering and strong password policies reduce the impact of human error.

  2. Ransomware: Back up critical data offline (the 3-2-1 rule) and apply security patches promptly. An incident response plan aligned with ISO 27001 can save time and resources when every minute counts.

  3. Cloud misconfigurations: Cloud providers offer robust controls, but it's up to organizations to configure them correctly. Tools like CSPM (Cloud Security Posture Management) help identify issues, while frameworks like CIS Benchmarks guide secure setups.

  4. Supply chain risks: Vet vendors' security practices (e.g., by checking compliance or pen testing) and keep track of third-party components. OWASP also recommends having an up-to-date inventory of software dependencies (SBOM). 

Across all threats, a balanced approach—combining the right technology, processes, and people skills—builds resilience. No single tool will solve everything, but consistent patching, vigilant training, and a solid framework like NIST CSF or ISO 27001 can significantly lower the odds of a breach."
 

"AI-driven attacks, including deepfake impersonations and adversarial AI, are reshaping the threat landscape. Deepfakes can imitate an executive's voice or face to request a money transfer, while adversarial AI can subtly tweak an image or data input. Hence, a machine learning system makes the wrong decision, such as tricking a spam filter or bypassing facial recognition. 

I once read about a deepfake incident where attackers used a slightly distorted "CEO voice" to request funds; although someone caught on because of a subtle glitch in speech, rapidly advancing AI could soon eliminate these telltale signs, making deepfakes indistinguishable from the real thing. 

To defend against such threats, companies should:  

➢ Strengthen verification: Implement strict multi-factor checks for sensitive requests.

➢ Adopt AI detection tools: Leverage software that flags deepfakes or suspicious behavior in real-time.

➢ Secure your AI systems: Conduct regular adversarial testing on machine learning models and protect training data from tampering.

➢ Educate teams: Show employees examples of deepfake and adversarial attacks and train them to verify unusual requests through alternate channels.  

While AI can boost our defenses, it also empowers attackers with more realistic and targeted methods. Staying vigilant—through layered security, continuous testing, and strong user awareness—remains essential to counter AI-driven threats in today's evolving cybersecurity landscape."

"Data poisoning and adversarial attacks are two major risks for any AI or ML system. Data poisoning involves injecting malicious samples into training datasets to corrupt a model's learning, while adversarial attacks exploit the model's "blind spots" by crafting inputs that cause wrong predictions. In my years working across network security and incident response, I've seen how critical it is to address both threats from the ground up. 

Key security measures:

➢ Data integrity controls: Implement strict data vetting, secure storage, and access controls. Only trusted personnel or verified pipelines should modify training data.

➢ Adversarial training & testing: Expose models to adversarial examples during development and perform regular "red team" exercises to discover weaknesses.

➢ Monitoring & anomaly detection: Continuously track model performance and watch for unexpected behavior or distribution shifts in input data.

➢ Incident response playbooks: Treat AI breaches like any cyber incident: have clear processes to isolate compromised models, analyze root causes, and retrain or patch. 

Throughout my career, I've found that good AI security hinges on collaboration among data scientists, DevOps, and cybersecurity teams. By embedding these measures early and maintaining a vigilant monitoring process, companies can keep their AI models trustworthy and resilient."

"I treat continuous learning as non-negotiable in cybersecurity. Each morning, I scan reputable sources, like Krebs on Security, Dark Reading, and official alerts from CISA or CERT, to catch urgent risks. This daily routine helps me stay on top of zero-day exploits, AI-driven scams, or major breaches. 

➢ Curated updates: Subscribing to newsletters or podcasts (e.g., Unsupervised Learning, Darknet Diaries) provides weekly highlights in an easy-to-digest form.

➢ Community & conferences: Engaging with OWASP chapters or attending events like Black Hat fosters peer insights and live demos you won't get in a standard report.

➢ Hands-on labs: I keep a home lab environment to simulate attacks, practice new exploits, and test AI-based detection tools. Seeing these threats firsthand builds better defensive instincts.

➢ Quantum preparations: I follow NIST's progress on post-quantum cryptography to anticipate how encryption standards may shift, ensuring we stay ahead of emerging quantum risks.  

Collaborating with fellow security professionals also expands my perspective. Monthly threat briefings or informal chats often expose practical tips that official releases might miss.  

By making research, practice, and collaboration part of my daily routine, I'm better equipped to tackle present-day threats and adapt to AI- or quantum-related challenges on the horizon. Continuous learning is more than just a task in cybersecurity. It's a lifelong habit."

"One key approach is to first ensure the training process includes a blend of robust data governance and strong cybersecurity safeguards. On the data side, that means curating diverse and representative datasets, screening them for anomalies, and regularly testing for bias before and after model deployment. This helps the model avoid skewed or unfair outputs. Cybersecurity-wise, we harden against adversarial and data-poisoning attacks by using adversarial training (teaching the model to spot "trick" inputs) and strict input validation. 
 
Next, we rely heavily on human oversight. Reinforcement Learning from Human Feedback (RLHF) is a good example: humans rate or refine the AI's outputs so it naturally learns ethical and helpful responses. For extra protection, we set up "human-in-the-loop" review systems, especially for high-stakes decisions.  
 
Finally, frameworks and tools play a big role in helping teams check and manage their AI's integrity. On the ethics side, libraries like IBM's AI Fairness 360 and Microsoft's Fairlearn help detect and reduce bias. On the security side, adversarial robustness toolkits expose potential exploits early so we can fix them before attackers find them. Organizations also follow AI governance standards like NIST's AI Risk Management Framework to ensure transparent, accountable development. 
 
In summary, preventing biased or misleading AI boils down to a multi-layer defense: proper data hygiene, technical resilience, and ongoing human oversight. By treating AI as a vital part of overall cybersecurity strategy, we reduce risk and build trust in the system's outputs—ultimately safeguarding both users and the broader digital environment."

"Communicating cybersecurity risks to non-technical executives starts with understanding their priorities, like protecting revenue, customer trust, and compliance. Over the years, I've learned that framing a threat in terms of business impact (lost sales, downtime, or regulatory fines) resonates far more than technical jargon ever could. 

I keep my explanations simple and clear:  

➢ Highlight the risk in plain language ("We found a weakness that could let attackers access sensitive data").

➢ Describe potential business consequences (reputation damage, financial loss).

➢ Present actionable steps ("We recommend two-factor authentication to reduce this risk"). 

When an incident occurs, timely and transparent communication is key. I'll send a quick high-level alert first, then follow up with more detail once the facts are confirmed. Executives appreciate a structured update:  

➢ What happened?

➢ How does it affect the business?

➢ How we're containing the issue?

➢ Next steps or resources needed?  

By focusing on the business impact, cutting out needless jargon, and providing clear action plans, I ensure stakeholders fully understand the risks and can make informed decisions that keep the company secure."

Phishing remains one of the most common cyber threats. It deceives users into sharing sensitive data, such as passwords and financial details. In our internal contest, Best Innovative Minds 2022 edition, Răzvan and his team worked together to develop a browser extension that detects phishing attempts before users interact with malicious links. This tool analyzes website metadata and patterns to identify potential threats. Once a phishing attempt is detected, users are promptly alerted, helping them avoid compromised sites and protect their data. The extension is also designed with accessibility features to benefit a broader range of users.  

• Read more about it!

Cybersecurity solutions are not a one-time purchase. They are tools that require continuous learning and adaptation. To have the best and most effective solutions, the people behind them also need constant training. Therefore, Răzvan constantly engages in various activities to enhance his knowledge and skills. Some of these events and activities include sharing insights with the community at the European Researchers' Night held at Suceava University, holding internal educational sessions and contests for colleagues, or event taking part in larger events like Tech Cafe or DefCamp, where he exchanges insights with fellow industry experts. 

The best way to handle cybersecurity is by taking a proactive approach. Cyber attackers continuously evolve, searching for new vulnerabilities to exploit. At ASSIST Software, Răzvan and the team ensure that security is integrated into every stage of the software development process. Rather than reacting to attacks, they focus on anticipating and eliminating risks before they even occur. This approach minimizes the risk of breaches and helps us and our clients maintain secure systems throughout their lifecycle. From our 33 years of experience, a proactive strategy is the best method for companies to protect their systems and data while maintaining operational continuity. 

A single vulnerability can be enough to compromise an entire system. Our cybersecurity team works closely with clients to identify risks, implement best practices, and develop custom security solutions. We can talk about securing cloud infrastructure, hardening on-premise security, preventing phishing attacks, or integrating security into development workflows, but our final goal is to help companies stay ahead of cyber threats. 

• Contact us to find out how we can strengthen your security and safeguard your operations!