The 7-9th June saw the 21st running of the InfoSecurity Europe conference, or Infosec, up in London. As Ideal's senior cyber security consultant, I was pleased to be there to meet with vendors, research products and immerse myself in the latest industry trends and discussions. Here are my takeaways.
If you follow the news you'll know it's not an easy time to be commuting between the south coast and London, but I'm glad I made the effort for Infosec. With a claimed 315-plus exhibitors it's Europe's biggest information security event, and it's especially relevant to me - the event guide listed no fewer than 35 firewall vendors, and 35 endpoint security firms.
Firewalls were still a hot topic at the conference, with Fortinet and Smoothwall among many showcasing their capability. The key theme for these next-generation firewalls was the adoption of integrated multi-platform approaches. At Ideal we partner with the two security leaders: Palo Alto Networks and Cisco due to their integrated multi-platform approach - which spans firewall, global shared threat intelligence clouds and endpoint protection - and their market-leading technology.
A compelling endpoint
The endpoint market is fascinating at the moment, with vendors including Cylance and Malwarebytes pushing new and innovative solutions focused on protection, detection, mediation, or often a combination of all three. Here we're certainly moving away from a reliance on traditional signature-based solutions, and toward innovative approaches including machine learning and exploit technique prevention. It's an exciting shift, and it will be interesting to watch the market mature in the coming months and years - especially as the threat from ransomware is not likely to diminish anytime soon. Again, both Palo Alto Networks and Cisco have strong offerings in this space.
Security Information and Event Management (SIEM) products are key to an effective security response, and two SIEM providers - AlienVault and LogRhythm - showcased excellent capabilities. They're among the vendors we'll be evaluating as we look to launch our 24/7 security operations centre (SOC).
Of the keynote events, two in particular stood out. Ex-foreign minister William Hague gave a fascinating presentation on how the privacy of individuals and businesses should be balanced against our national security. He cited the recent Apple versus FBI case as an example: despite there being strong and understandable commercial reasons for not breaking data encryption models, there are national security interests which may be more important.
A Q&A session involving representatives from the FBI, Metropolitan Police, Europol, and the private sector, discussed the move to mandatory reporting of data breaches among other things. There's no doubt that incoming EU-mandated requirements will increase the effectiveness of law enforcement in solving cybercrime, but there's still no fixed date for when they'll become law in the UK: this really does need to be as early as feasible.
All in all, Infosec remains a valuable event, providing the opportunity to meet lots of vendors and other experts, and get a better overview of the need for government to balance national security against our privacy. There was much of interest, but my three key takeaways are:
- Endpoint protection - new threats are being addressed with fascinating new technology.
- Mandatory data breach reporting - this can only help tackle the growing threat from cyber criminals, but it's imperative that the UK implements it quickly.
- Data privacy - there's a need to balance personal, business and national interest. Again, shifting technology and threats require an adaptive approach from the state.
Discover how we can help with your security challenges. Call us on 01273 957500, or get in touch online.