Being my first year at Infosecurity Europe (Infosec), I cannot compare it with previous editions.
But the feedback I received from exhibitors and attendees alike in regards to content, networking opportunities and the new venue (Olympia London) was very positive. Although official numbers are still not in yet Malcolm Wells, Exhibition Manager @ Infosecurity Europe, informs us that numbers are up on 2014. So congratulations to the Infosec team on their 20th event anniversary, and in regards to the bigger numbers this year. However, when I review the 3-day event, I don’t think big numbers, I think big picture.
From my point of view, the event addressed security from a boarder, holistic, vantage point. Not just prevention, but protection, detection, response and recovery (after all, the event tagline was ‘Protect, detect, respond and recover ’). As Kerry Prince, Infosecurity Portfolio Director mentioned: “information security is no longer just about protecting the network against attacks - it’s about building cyber-resilience to minimize business impact in the event of a breach”. The majority of the conversations that were taking place were not referencing “what could happen if” but what has and is happening now. I am sure high profile breaches in recent times have helped raise awareness at higher levels within organizations, and are now driving a more pragmatic approach to address the issue: how can we put together the pieces the security puzzle?
The event was kicked off from a business / governmental perceptive with the first Keynote by Ciaran Martin, General Director for Cyber Security at GCHQ. In his keynote, he talked about how the development of online services by businesses and governments are on the increase, but so too are the threats presented by cyber actors. These new online services mean enterprises are becoming increasingly more connected and collaborative, extending network perimeters to meet new business practices. With this back drop security practitioners are challenged to develop broader security strategies that are aligned with these new business priorities and associated risks. The tangible aspect of these risks was brought into light as the impact of security breaches in small medium businesses (SMB) has doubled in recent time, with the average breach ranging between £65,000-£100,000 (90,000 € - 137,000 € approx.). These numbers definitely command attention.
Putting the pieces together
Keynotes, strategy talks etc. by such prestigious speakers reveal great insights in addition to the value that can be gained from the messages, presentations and pitches that are being eloquently executed out on the event floor. But where you get some real ideas about deeper shifts and changes are in the those impromptu conversations, quick catching up chats that add an enormous wealth to the overall event. They can help put everything else into a little more context. From these sessions I really got the feeling that Infosecurity Europe had done a great job in this year’s event’s big picture focus, as it was very much in line with the engagements I had. There was a clear sense of trying to see the bigger picture at many levels, how can we put the pieces of the puzzle together. So ‘cyber-resilience’, ‘full security’, ‘holistic’ were themes that came up often. To give you some tangible examples of this, niche product / solution vendors were asking questions well outside of their usual remit. From a solution stand point there was interest in how and what to add on, addressing more pieces of the puzzle. Vendors in the Windows space where asking about Mac, appliance vendors were asking about endpoints, and everybody wanted to know more about getting a foothold on mobile.
Internet of Things
In regards to specific topics, Internet of Things( IoT) was up there amongst the attention grabbers, but I think that it also fits into the bigger picture piece. In the same way enterprises are becoming increasingly more connected and collaborative through online services which walk hand and hand with new business risks, so too is the consumer world – increasingly connected and at greater risk. This, in turn, raises questions that need to be answered by the security industry. To put it in the tagline words of Infosec15: ‘how will we protect, detect, respond and recover’ in the IoT space moving forward? Although, I think it is safe to say for now that we are still in the early stages in regards to the IoT security journey, and that the puzzle is unraveling as we move forward, it will surely present us all with new conundrums and challenges.
Follow the awards
On a final note: as you are interested in Infosec 2015 and also educating yourself via blogs, check out and follow the EU Security Blogger Award Winners which were announced at Infosecurity last week. Bitdefender’s renowned Hot For Security won the best European Corporate Security Blog, and the ever insightful Graham Cluley won the most educational security blog. For those of you interested in the Protect, Detect, Respond and Recover approach like me, you can download the European Information Security Report 2015 - Intelligent Security: Protect. Detect. Respond. Recover.