利用人工智能增强网络弹性

A conversation withCorence KlopCISORabobank Executive Conversations CORENCE KLOPCISO Rabobank HARNESSING AIFOR CYBERRESILIENCE Corence Klop holds almost 20 years of experiencewithin Rabobank with leading roles in the areasof digital transformation, innovation and data &analytics. In her current role, as Chief InformationSecurity Officer, Corence is responsible for settingthe information security vision, strategy andpriorities, develop and maintain the informationsecurity standards and frameworks, andrepresenting Rabobank in matters of resiliencewithin The Netherlands. She also works as a non-executive board memberof the Rabobank Pension fund and member of thesupervisory board of a library. Can you walk us through yourjourney at Rabobank and yourcurrent responsibilities as CISO? Corence Klop:I stepped into the roleof CISO at Rabobank in September2023. In this position, I hold globaland group-level responsibility for thesecurity of the bank. This includes ourcentral operations, as well as regionalbranches and subsidiaries. It’s a role thatcomes with immense accountability.If something goes wrong, the buckstops with me. But it also gives me thefreedom to shape the bank’s strategicagenda for change. Corence KlopCISORabobank Prior to this, I spent three years in thebank’s data and analytics division. I led,for example, a community of 600–700professionals focused on data andanalytics – a key area of expertise withinthe organization. My interest lies inanalytics and uncovering ways to extractvalue through actionable insights. I have a background in innovationmanagement, which fuels my passion foremerging technologies. I'm constantly onthe lookout for new tools and techniquesthat can help us stay ahead, particularlyin security and operational resilience. Security isn’t justabout preventing risk –it’s also about creatingthe greatest value foryour organization andour customers" Do you find there is friction between creating value withdata and protecting it? Corence Klop:There is friction, but I think it partly comes from mypersonality. I’m opportunistic, always thinking about what can be done withdata or certain technologies. At the same time, working in security means astrong focus on protecting privacy and assets and ringfencing sensitive data.Both aspects are important. Security isn’t just about preventing risk – it’s alsoabout creating the greatest value for your organization and our customers. THE SURGE IN CYBERATTACKS In Q1 2025, we haveseen more than 250kphishing attacksagainst Rabobank" Since assuming leadership, haveyou noticed a rise in the numberand nature of cyberattacks? Corence Klop:The increase has beenexponential. In the first half of 2025 therehas been a major increase in distributeddenial of service (DDoS) attacks. March 2025saw more denial requests than entire 2024.Financial Services is the most frequentlyattacked industry (34% of all global attacks). In Q1 2025, we have seenmore than 250k phishing attacks against Rabobank. That’s a staggeringnumber and testament to how aggressive the threat landscape hasbecome. The attack maturity is also increasing, which has massive operationalimplications. We are talking about phishing, QR code scams, man-in-the-middle attacks and, increasingly, deepfake-based threats. What’s moreconcerning is that this trend is not plateauing. Rather, it’s escalating. That’s why technologies such as AI are not just a strategic advantage,they're a necessity. With threats increasing both in volume andsophistication, we need smarter, more scalable solutions to prevent andrespond and to stay resilient. TECHNOLOGIES SUCHAS AI ARE NOT JUST ASTRATEGIC ADVANTAGE,THEY'RE A NECESSITY What do you see as the primary drivers of this surge incyber threats? Corence Klop:A major factor is the volatile geopolitical environment. Thesedynamics have real consequences on the cyber landscape. Nation-state actors and politically motivated threat groups are becomingmore active. And even beyond state-driven actions, the general level ofcriminal sophistication has risen. Bad actors are evolving fast. They’re usingAI themselves now. It’s no longer just lonehackers or small-time phishing scammers;there’s a whole ecosystem behind this. Deepfakes areentering the equation.Imagine receiving avideo call or voicemailfrom someone wholooks and soundsexactly like your boss,asking you to approvea financial transactionurgently" Could you expand on the evolutionof phishing and how attackers areadapting their methods? Corence Klop:Phishing remains one ofthe most persistent and effective forms ofattack, but it's evolving. It’s no longer justabout fake emails with suspicious links.Phishing kits have added AI integration tosimplify the process to build multi-languagetailored phishing pages delivering muchmore sophisticated results. Perhaps more alarmingly, deepfakes are entering the equation. Imaginereceiving a video call or voicemail from someone who looks and soundsexactly like your boss, a