Written by: Zaquis Ross – With Infosec Europe 2018 behind us, here is a recap on the highlights from the conference and Attivo’s experience as a first-time exhibitor.
Infosecurity Europe is the region’s number one information security event featuring Europe’s largest and most comprehensive conference program and over 400 exhibitors showcasing the most relevant information security solutions and products to 19,500+ information security professionals. The theme of this year’s conference was Building Tomorrow’s Cybersecurity Today.
The conference kicked off on Tuesday morning with an opening keynote presentation by Former CEO of TalkTalk Group, Baroness Dido Harding. Baroness Harding spoke on the View from the Board: A CEO’s Perspective on Cybersecurity. Drawing from her own experience as a former CEO of TalkTalk, Baroness Harding discussed how she defines value and how to present information about risk posture, threats, and cybersecurity strategies.
On day two, the opening keynote was Baroness Martha Lane Fox, Co-Founder of Lastminute.com as she spoke about Dystopia or Utopia? Privacy and & Cybersecurity in the Digital Age. She discussed the privacy implications of our increasingly networked world and how this affects the work of the information security community.
On the final day Robert Hannigan, former Director General, GCHQ spoke about Weaponising the Web: Nation-State Hack & What it Means for Enterprise Cybersecurity. During his presentation, Mr. Hannigan discussed the reality of nation-state sponsored cybercrime, the risk to different types of organizations, and how to mitigate these risks.
According to Paul Simmonds, CEO of the Global Identity Foundation during the webinar, Trends Discussed at Infosecurity Europe 2018, one of the hot topics that stood out was deception technology.
It’s great to see that deception technology is gaining global recognition for its efficacy in early detection. However, it is more important than ever for organizations to understand the different types of deception technology available and why not all deception is created equal. Unlike other offerings, Attivo’s technology is purpose-built to provide easy to deploy, authentic, and comprehensive deception for early threat detection and the integrations to automate and accelerate incident response. Based on customer adoption, Attivo is proving to be one of the most versatile options for active defense, with a wide range of organizations from the mid-market up to the Fortune 500 embracing the technology.
This was further demonstrated in conversations at the stand where we saw a steady flow of information security professionals of all titles stopping by to learn more about deception technology and Attivo’s solutions.
The top three themes our team encountered when speaking with attendees were:
Insider Threat – There is a continued issue of disgruntled employees leaving backdoors open to the network allowing for later access of data. Because of the efficient way that deception technology detects threats already inside the network, it is effectively positioned to identify insiders before they can compromise client data, whether accidentally or intentionally.
Corporate Compliance with GDPR and Security Control Regulations – One of the hottest topics at the show was GDPR, the European legal framework that will hold organizations accountable to safeguard all personal data that is collected. Along with the security and authorized usage of personal data, the EU has a heavy focus on security control compliance. The European Union Agency for Network and Information Security (ENISA) is report complied with recommendations on standardization of EU organizations security controls.
In readying for GDPR organizations are re-evaluated their technology and processes to assess their ability to detect, audit, and report breaches to ensure GDPR compliance. Many are rapidly adopting new solutions that are designed to detect attacks early, accurately, and provide a detailed analysis that can explain the magnitude of the breach, as well as the corrective actions to contain it. This is an area where deception technology can help. Deception technology can better prepare organizations for GDPR Article 33 – the notification of a personal data breach to the supervisory authority – by providing powerful security controls not only detect attacks before they become full blown data breaches, but by gathering forensic information to assist in meeting the regulatory reporting requirements.
MSSP Provider Offerings – A heavy interest was placed on the Managed Security Services Providers offerings, to help businesses expand their security structure with limited internal resources. Attivo has recently hired Myles Naughton, VP of Services Providers, who is streamlining MSSPs and create strong partnerships to provide a better product for our customers.
There were all types of networking events during Infosec’s 3-day conference. Rant hosted an exceptional event at the Famous 3 Kings Pub called “Perfect Cyber Security Storm”. Tony Cole, Chief Technology Officer at Attivo Networks, was invited to speak on the evolution of deception technology and how organizations can implement deception to turn the tables on modern attackers.
The themes covered in Tony’s presentation include:
- What is Deception
- How it’s worked in the Past
- Deception today
- The Growing Cyber Attack Problem
- Deception in the Cyber Realm
The statistics on the growing cyber-attack epidemic shocked many attendees. Below is a visual representation Tony included in his presentation of this pervasive evolution:
SC Magazine Awards
Attivo Networks was honored to be able to attend The SC Magazine Awards. Upon arriving to event, guests were greeted by doormen dressed in extravagant kilts and top hats. Attendees enjoyed a decadent meal, entertainment, and had the opportunity to network with the world’s industry leaders in the Information Security space. During the awards ceremony, Attivo Networks was voted ‘Highly Commended’ in the Best Deception Technology category.
The increasing number of attacks and ever-changing threat landscape are driving organizations in all sectors to seek innovative solutions that address the present day and evolving security challenges. At Infosec 2018, they embraced this reality and made a point of looking to innovative technologies to keep up with this digital transformation, implement strategies to manage human risk, comply with new regulatory oversight, and more. It was exciting to see deception technology recognized for its ability to dramatically reduce dwell time, accelerate remediation, and provide key capabilities necessary for building tomorrow’s cybersecurity today.
What were your key takeaways from the show and what do you expect to see at Infosec 2019?