This week, TIBCO LogLogic has been taking part at InfoSec Europe, the largest Information Security Event in Europe. According to initial reports, there are over 17,000 registrants at this year’s event. We are at booth F50 and we hope to see you there.
One of the highlights about going to one of these shows is the chance to soak up the latest and greatest in information security and put it out for the public (recall my observations from the RSA show earlier this year). Often, there are regional differences. In EMEA, “Big Data” has not yet captured as much attention in IT Security as it has in the States (locals say, “Give it another six months.”). More often, however, you find common security issues — more common than regional people probably realize.
Avoiding the Avoidable
A favorite topic is the latest information on security breaches. At InfoSec Europe, the 2013 Cyber Security Breaches Survey was officially released, and details of the survey’s results were discussed and reviewed. One observation I made at RSA noted that 80% of successful security attacks will exploit well-known vulnerabilities that could have been detectable via security monitoring. This finding is corroborated in the UK government’s 10 Steps to Cyber Security recommendations from last year.
Despite this, the 2013 survey found that take-up of these basic security guidelines, including analysis of log data to monitor networks, was patchy at best (only 30% of large organizations had followed the guidelines). As such, perhaps it should come as little surprise the survey’s finding that 93% of large organizations (250+ employees) and 87% of small business had at least one security breach last year.
How long can we avoid avoiding the avoidable?
At the RSA Conference in San Francisco, it’s all security, all of the time. When one topic is the only focus over such a short period, it becomes easy to see current trends. Here are three that have caught my attention:
