Infosecurity Europe 2013: Day 1 Thoughts
Marcel Santilli 270002FABM email@example.com | | Tags:  ibm-x-force xforce infosec13 ibm_security x-force infosec ibmxforce europe tom-kendall ibmsecurity ibm-security big-data infosecurity-europe security infosecurity security-intelligence vulnerabilities byod
0 Comments | 2,600 Visits
Wow, the end of a great first day at Infosecurity Europe. Our stand was very bright and impactful and with our industry experts, business partners and action packed agenda, it has been truly engaging day!
We had four workshops across the day and below are the key points that I thought were raised.
We opened with a packed room to hear Simon Smith, Technical Professional for IBM Security Systems, present the latest IT security trends and risks from the IBM X-Force 2012 Annual Trend & Risk Report. Simon spoke about how from 2011 being the “year of the targeted attack”, 2012 has been "the explosion of the breach continues."
He then delved into the key findings, including how the exploitation of web application vulnerabilities rose 14% in 2012 to more than 3,500 known issues and that 43% of all reported vulnerabilities were led by Cross-site scripting (XSS) and SQL injection.
An interesting discussion point within the room was Mobile computing is on track to be more secure than traditional computing by 2014. This has occurred due to the help of emerging technologies to encrypt, containerize and wipe data remotely. For more information on the reports findings, please go to the dedicated website http://www.ibm.com/security/xforce/.
Next up was Brendan Byrne, Associate Partner and Privacy for IBM, talking about “Security Implications of the use of Bigger and Smarter Data." Brendan started with delving into the topic of Big Data. He described how the explosion of new technologies, new business models being adopted and easier interconnectivity has led to organisations security risk increasing, due to the large amount of data being produced constantly. He then went into detail about IBM Security Intelligence with Big Data use cases, including:
Brendan closed by identifying what the security challenges of using Big Data are, highlighting to the audience that they must make sure their organisations supply chain are all on the same page when it comes to Information Security.
Our afternoon session was kicked off by Stephen Williams, Principle Software Consultant for our business partner Pirean and Jon Harry, a senior IT security specialist at IBM, providing a great analysis of "Identity and Access Management for the modern enterprise." Stephen set the scene by showing the audience why there is a requirement to move beyond authentication. He described how Identity and access management (IAM) needs to evolve to meet rapid and recent changes in service hosting, user interface design and business requirements.
There was an interesting discussion regarding the new IAM requirements, including support for incremental change, support for ‘B.Y.O.D’ and mitigating the need for ‘role mining’, which Stephen discussed why organisations must adapt. Jon then took over and went through how the IBM next generation identity and access management strategy supports these needs.
The final session of the day “Thinking like an attacker to make your defences better” was held by Neil Warburton, Security Architect for IBM. With people queuing out of the door to get in, we knew it was going to be an inspirational session. Neil immediately grabbed the audience’s attention with some staggering facts, including 2,641,350 being the number of security attacks the average company faces per week. The severity and frequency of such attacks immediately caused discussion from the audience and led nicely into Neil’s discussion on how an attacker exploits a breach. He started with showing how complex it is for an organisation to track and react to potential security threats and that an attacker usually uses the below 5 steps:
Neil then highlighted to the audience how they needed to think differently about security by collecting and analyzing everything. The collection of information is just the tip of the iceberg but the key is to analyse the information intelligently. Click here to find out more about IBM Security.
If you were unable to come to one of our workshops but are interested in what was discussed above, we will be posting all the presentations on http://ibm.co/1106Bdy. I look forward to bringing to you my thoughts tomorrow evening from day 2 of Infosecurity Europe 2013!
Tom joined the IBM Security Systems marketing team through the acquisition of Q1 Labs team. He was the EMEA Marketing Team Lead for Q1 Labs and worked on the demand generation and channel partner marketing programmes. Tom moved into the WW Marketing team for IBM Security Systems and has been the lead for Demand Generation in Threat and Security Intelligence, and has taken on the role of the IMT first role for Europe. Before joining IBM, Tom worked for 8 years in the advertising industry in London, working on media strategies for large enterprise clients.