InfoSecurity Europe 2014
Unfortunately the first 2 days were marred by a tube strike in London. I believe this put many people off visiting Earl's Court for the event until the last day, it certainly did for me!
So what did I see?
I watched a keynote seminar inducting Dr Eric Cole into the InfoSecurity Europe hall of fame. He had some wonderful insight into security issues of the day and what areas security professionals should focus on. He discussed the switch of security from inbound threats to outbound threats. Many attacks require an outbound connection to allow data to be sent externally and this is an area to focus monitoring on. Among many things he shared with the audience he issued the Eric Cole challenge.
Get a usage report of outbound internet connectivity by host IP.
Check the top 10 largest bandwidth used by each host
Check the top 10 longest established outbound connection by each host
Check the top 10 hosts with most blocked outbound connections
If a host is on all three lists.....it has probably been compromised.
He also made the analogy that our networks are like our bodies. We do not expect to never get sick, it is about how we can reduce the likelihood of it occurring and how quickly we can recover. Our networks are the same these days, it is not a question of IF you will be compromised, but WHEN and HOW you get over it.
It was a fascinating session which did really make me think. You can even see me thinking intently during the highlights video of the day.
(skip to 1:10 to see me!)
I met up with the Egress team at their colourful stand. They have a product which allows companies to securely share data with customers. Their products even stops people from taking screenshots using Snipping Tool and watermarks the screen to make it easy to determine if someone has leaked information using a physical camera. Their technology stack looks really interesting and seems to have overcome the barrier of providing secure email, without requiring the end customer requiring funky software or exchanging certificates.
They also had a buzzwire game which someone miraculously completed in under 12 seconds! I was rubbish and couldn't even complete it!!!
My company use the Good Technology stack for BYOD. Our staff have found it really useful, but the user experience isn't the greatest, especially when using dynamics apps. I spoke to a couple of the Good team and they explained that this is a big focus for them in the next 12 months. They have an event (Good Exchange) which I am going to, hopefully I will see the fruit of their labour.
I spoke to F5 about their product stack, it was great to see a stand with whiteboards and markers. There is nothing I like more than drawing a scenario on a whiteboard and being able to visualise someone else's ideas.
Pen Test Partners
These guys had a great demo presentation where they described how hackers can use the JTAG interface on mobile phones to hack information. Their stand was mocked up to look like a kitchen and the presenters were dressed as chefs. It was a bit gimmicky, but the information and presentation material were second to none.
Overall it was a cracking day and I will definitely try to attend again.