5 things we learned at Infosecurity 2017

5 things we learned at Infosecurity 2017
08/06/2017 MHC

Europe’s largest and most comprehensive information security event Information Security Europe took place in London’s Olympia between 6-8 June 2017. The event provided visitors the opportunity to be updated on the latest industry news, product and technology developments and information across several industries including; Finance, Banking, Insurance and Consultancy.

Here are the five most interesting learnings from Infosecurity Europe 2017:

1) Women taking up Cyber Security roles is increasing

The number of women in senior IT roles in the Cyber Security space is rapidly growing. One of the leading women in this field, Dame Stella Rimington formerly Director General at MI5, gave a great talk on the progression of women’s roles in cyber security over the last 30 years noting “challenges remain on overcoming workplace barriers towards attitude, skill and career prospects.”

2) GDPR is coming

The General Data Protection Regulation (GDPR) comes into force on 25th May 2018. This regulation applies to all companies (and individuals) that process the personal data of individuals located in the EU. The new regulation carries fines of up to €20 million or 4% of an organisation’s global revenue (whichever is the greater) for non-compliant companies. There is an enormous push across the industry to help enable businesses become compliant including: log monitoring, breach detection, data management, data auditing and system security. MHC’s In-house Solicitor, Chi Onugha, stated in his Article on GDPR in March 2017: “Overall, the GDPR creates a wider, clearer and more authoritative system offering more protection to data subjects and organisations that fall within the scope of the regulations. Technical and organisational measures will need to be implemented so that privacy is embedded in company software, systems and processes and not just at the point of delivery (“privacy by design”).  With the ever-increasing use of cloud computing, it is crucial that companies screen their chosen cloud providers thoroughly to ensure that they are in compliance with the relevant legislation (GDPR or national equivalent).”

3) Cloud Solution offerings are growing

Cloud solutions are still among the hottest topics in this space and competition in the Cloud Industry is picking up. With so many offerings now available, it is easier than ever to set up a new business with online capabilities, web apps and service. To anyone looking for a Cloud Services  a thorough examination of the market is recommended as interrogation and solid requirements are key to finding a suitable solution.

4) Ransomware has driven the need for system patch monitoring and back-up systems

The WannaCry Ransomware attack, which began in May 2017, infected over 230,000 computers globally in just one day and highlighted the need for system patch monitoring and back-up systems that provide point-in-time back-ups. Other methods of mitigation exist and include Virtual Desktop Infrastructure, which enables the removal of infected machines. This highlights the need to keep patches up-to-date across all systems and should be part of industry best practice.

5) The value of monitoring business data is enormous

User Behaviour Analytics (UBA) is the tracking, collection and assessment of user data and activities through monitoring systems. UBA technologies analyse historical data logs, including network and authentication logs, which are collected and stored in log management and SIEM (Security Information and Event Management) systems in order to identify patterns of traffic caused by user behaviours, both normal and malicious. While UBA systems do not take action based on their findings, they are intended to provide security teams with actionable insights. This field is rapidly growing, as businesses are realising the potential value of monitoring their business data.