About Lukasz Olszewski


Global Head of CERT – BDS at Atos and member of the Scientific Community

Lukasz Olszewski is a cybersecurity expert and leader with over 13 years of experience. He is a Distinguished Expert in the Atos Experts Community. He currently leads the Atos Computer Emergency Response Team (CERT), delivering digital forensics, security incident response, malware analysis, threat hunting, red teaming and intelligence services. Lukasz has a degree in Computer Science and previously worked as a System Administrator, mostly with Linux and Unix systems. After that he joined the Royal Bank of Scotland as a Technology Risk Analyst working on information security risk assessments. In 2013 Lukasz joined Atos as a Security Engineer and later took the role of Lead Architect in the area of SIEM and security monitoring, detection and analysis. Lukasz has responded to many severe security incidents, taken part in many global security projects, major R&D initiatives and multiple proofs of concept, and authored many security service processes. Lukasz is also a Certified Information Systems Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA) and Certified Ethical Hacker (CEHv8).






Articles posted by Lukasz Olszewski

Four pragmatic approaches to prioritize your cybersecurity investments

Developing and prioritizing investment needs is not an easy task for most Chief Information Security Officers (CISOs). Most of them face strong budgeting constraints and need to justify every penny they request extensively. Some will only get significant spending approved after their organization experienced a significant breach. This article aims to provide a list of selected, pragmatic approaches…

The five most important steps to improving cybersecurity in your organization

1. Have a response team: No matter how good your organization is in risk management and implementing security measures, it is certain that sooner or later it will experience a severe security incident or a breach. When this happens the only thing that can effectively minimize the impact and quickly recover from the…

What can we learn from the GAO report on the US Weapon Systems Cybersecurity

At the beginning of this month the United States Government Accountability Office released a public report titled: “WEAPON SYSTEMS CYBERSECURITY DOD Just Beginning to Grapple with Scale of Vulnerabilities”. The assessment was performed as the US Department of Defense “(…) plans to spend about $1.66 trillion to…

Proactive Threat Hunting – Practical Use Cases

In my last article, I explained how organizations can redirect attention away from alerts but invest in more fine-grained and proactive threat detection. I put forward an example for a simplified threat hunting process. Today, I’d like to share some practical use cases in establishing proactive threat hunting. Don’t ignore your Anti-Virus (AV) logs: Many treat their AV as…

Proactive Threat Hunting – no longer a whim

We are undoubtedly in the era of huge security alert fatigue. This has been caused by the vast number of false positive alerts generated every day by countless security products that organizations put in place to improve their defences. Because of this, it’s hard to justify resources who would essentially focus on… Producing even more alerts instead of…

Bad Rabbit: what we know

As the third massive ransomware outbreak of the year, ‘Bad Rabbit’, draws to a close, let’s have a look at the evolution of the recent attacks: Wannacry, NotPetya and Bad Rabbit. Although these attacks are the first self-propagating ransomworms that can both encrypt a system & spread automatically by exploiting vulnerabilities in network and system devices, still, they all follow the line…