Insights from the exhibition floor at Infosec 2019
One of the most significant events in the cybersecurity industry calendar in Europe is InfoSecurity 2019.
This year held in London, following a year that’s seen the rise of ‘hacking-as-a-service’, and a distinct tendency for bad actors to concentrate their efforts on people, not perimeters, we attempted to gauge opinion from the exhibition floor, from the companies at the sharp end of IT protection.
The scale of Infosec 2019 certainly gave some indication as to the size and scope of the industry that’s sprung up since data became the accepted medium of exchange for 99.9 percent of businesses. From ‘mom-and-pop’ retail stores in Peru to artisanal workshops in the foothills of the mountains of Hokkaido island, to the world-straddling multinationals disrupting markets with new technology, cybersecurity has never been such a hot topic.
Whether threats are created by ‘traditional’ breaches of the perimeter of networks or are caused by human error or mismanagement by staff inside the IT function or across the entire workforce, the familiar tropes included the high importance of detection and response.
— Troy Hunt (@troyhunt) June 5, 2019
“Full visibility across the digital business coupled with near real-time detection and response becomes a requirement by enterprises’ senior management,” said Itay Yanovski, Co-Founder & SVP Strategy, CyberInt. “The faster a breach can be identified and contained, the lower the costs. Strategic decision-making increasingly requires risk assessment, vulnerability management, and security posture’s impact analysis on business resilience as part of due diligence and evaluation steps. The urgency of this approach was once again emphasized following the Marriott data breach in December 2018 originated in the acquired Starwood Network, with nearly 500 million guests affected.
“The CISO role is becoming more prominent, as well as fraud and brand reputation protection, requiring greater involvement in activities once performed exclusively by CFOs, CMOs, and legal secretaries.”
Threat actors are well aware of the importance of time, or rather, the timing of attacks. Many data breaches remain undetected for many days or even months, with malicious code biding its time to release its payloads later. Dormant threats may be active in device memory, or may only consist of relatively innocent code that will, in time, download more sophisticated attack routines. Finding and responding to threats of that type require specialist skills. In addition to skills, of course, there’s a need for the ability to react swiftly. Chris Goettl, the Director of Security Solutions at Ivanti said:
“The appearance of vulnerabilities such as BlueKeep, with the potential to cause more damage than WannaCry, have made a huge difference […]. Large-scale vulnerabilities prove the importance of patching promptly and efficiently, and making quick decisions about how to do this – it’s no longer reasonable for patching to take upwards of 120 days.”
That view was echoed by Hannu Kilpeläinen, Product Marketing, Detection and Response, F-Secure:
“We believe there’s still a massive gap between detection and response, as well as a growing talent gap in cybersecurity. Technology alone is not a silver bullet that prevents all data breaches and solves those gaps. We see more organizations navigating these gaps by augmenting their own IT Security teams with managed threat hunting teams that are equipped to detect and contain highly skilled hands-on-keyboard attackers in minutes.”
YOU MIGHT LIKE
Sue Black champions women in cybersecurity
Whether it’s untrained staff that inadvertently respond to targeted phishing, or a service or database left unprotected due to oversight, the human element was a recurring theme, with plenty of companies on the exhibition floor offering systems to enforce safer practices or impart knowledge at scale. Poor practices like sharing authentication credentials or using the same passwords for multiple accounts (at home and work) mean hackers are relying on human fallibility rather than perimeter breaches to achieve their ends.
Maya Schirmann, Chief Marketing Officer of XM Cyber said, “Hackers are moving away from developing sophisticated new zero-day exploits to focus instead on taking advantage of poor IT hygiene in order to move laterally in the organization without being noticed. Hackers leverage misconfigurations, user errors, and lack of strong credentials. This aspect of IT security should not be overlooked as it has a huge impact on an organization’s security posture and critical assets’ security.”
— Sophos (@Sophos) June 5, 2019
As for the future, technologies like machine learning are bolstering products’ capabilities to recognize anomalous activities and behavior patterns, both of code and people, too. Baking good cyber practice into everyday business activities got a definite thumbs-up from industry giant Symantec:
“Organizations are now looking to consolidate their security vendors, use a platform to integrate the key pillars of their cybersecurity estate, take advantage of machine learning and artificial intelligence, automate mundane manual tasks and introduce better workflow. The overall aim is to be a more agile, cost-effective, and business-aligned function. The most successful of them have put security at the heart of their digital transformation projects, securing board-level support, and a step-change budget,” said Paul Knott, Security Strategist EMEA, Symantec.
As ever, keep returning to these pages to get up-to-the-minute news about cybersecurity issues, and learn how some of our partners and featured products can help your organization protect itself and its people from malware, viruses, DDoS attacks and the host of other unpleasant attacks that continue to dominate technology headlines.
17 July 2019