Views
1 year ago

CSLATEST

InfoSec review the last

InfoSec review the last few years to transform and grow the Infosecurity Group portfolio, with Infosecurity Europe being the jewel in our crown. Our speaker programme, which every year goes from strength-to-strength, was jam-packed with inspirational keynotes and the most talented voices from across the industry. "We continued to showcase the very best innovations and technologies out there and welcomed over 100 new exhibiting companies, giving them the ideal platform to gain exposure for their products and services. Looking ahead, we are extremely excited to be launching our first ever Infosecurity North America show in Boston this October and are looking forward to building on the success of this show for next year as we expand our presence at Olympia." Crowds also gathered at the Keynote Stage on the last day to watch renowned forensic cyberpsychologist Professor Mary Aiken become the 2017 inductee into the Infosecurity Europe Hall of Fame. She participated in a wideranging conversation session, recounting anecdotes from her career, talking about her current research projects and sharing her insights on future threats, which was followed by a book signing session. "I am delighted to be inducted into Infosecurity Europe's Hall of Fame," Aiken said of her celebrity welcome, "particularly as this award is made by the professionals who work in the information security sector and therefore an acknowledgement of the important contribution of my discipline, cyberpsychology." INCIDENT RESPONSE A major highlight in the Keynote Stage programme on the Thursday was the Live Incident Response Scenario: Cyber Attack Survival Guide: Fostering Cyber Resilience within the Organisation session. The event brought together expert speakers from across the industry who shared their perspectives on how to respond to a cyber breach as the situation unfolded. The panel was moderated by Richard Horne, partner at PwC, and featured high-profile speakers such as Andrew Gould, detective chief inspector of Falcon - SCO7 Organised Crime Command (OCC); David Boda, head of information security at Camelot; and Joseph Da Silva, director of information security at Centrica; ANITA Bapat, senior associate at Hunton & Williams. 10 computing security July/August 2017 @CSMagAndAwards www.computingsecurity.co.uk

masterclass KEYS TO EFFECTIVE THREAT INTELLIGENCE A THREAT INTELLIGENCE FEED GIVES INSIGHTS INTO POSSIBLE IDENTITIES OF HACKERS, THE METHODS THEY USE, AND THE NETWORKS THEY ARE TARGETING, SAYS CHARLOTTE GURNEY, GROUP MARKETING MANAGER AT BROOKCOURT SOLUTIONS Only halfway through 2017 and there have already been a number of significant cybersecurity incidents reported across the globe. From the WannaCry ransomware attack in May to the Peyta incident in June, as well as targeted attacks on corporations and government agencies, securing your organisation's networks is more critical than ever. Timely threat detection via accurate threat intelligence feeds are key to thwarting hackers and play a critical role in averting cyber attacks. A threat intelligence feed is an 'Real Time' stream of data related to potential or current threats to an organisation's security. It includes data such as IP blacklists, malicious and phishing URLs, vulnerability lists, and command and control domains used to orchestrate attacks. Hackers use similar methods to breach different organisations, so a threat intelligence feed gives insights into possible identities of hackers, the methods they use, and the networks they are targeting. It allows security experts to predict future threats and establish countermeasures to protect systems. However, to set up the proper measures and avert an attack, organisations need more than just threat feeds; they need true contextualized, actionable threat intelligence. MOVING FROM THREAT DATA TO ACTIONABLE INTELLIGENCE Without properly analysing, processing, and contextualising a threat intelligence feed, organisations are simply collecting data. Once threat data is analysed in context of a specific organisation's threat surface, it needs to lead to decision makers taking the best form of action. INTEGRATING THREAT INTELLIGENCE Choosing a threat intelligence provider is an important process. Many organisations don't take the time or follow the proper process and end up with a supplier that isn't the right fit. Below are three valuable tips to help you to select the right partner. EXPERIENCE MATTERS While there are many new data feeds popping up and new companies entering the threat intelligence market, organisations should take a critical look at the track record of potential suppliers. Organisations should only consider providers with established histories, credible references, and effective security. Brookcourt Solutions has a proud track record of helping large and small corporations protect themselves from cyber threats for the last 12 years. CONSIDER INTEGRATION Organisations must consider how they'll integrate a threat intelligence platform into their security infrastructure. Companies waste time and money by purchasing feeds before knowing how to integrate them. Working with a provider that has integration tools, performs integration for you, or provides a complete solution of feeds, software, and devices delivers more immediate protection and offers ongoing cost benefits. Charlotte Gurney CHOOSE QUALITY, NOT JUST QUANTITY There's a lot of noise in data feeds and feeds that provide high volume, but lowfidelity indicators can hurt more than they help. Make sure data feeds are specific, with indicators at the URL level, not just the IP level, so legitimate sites and traffic don't get blocked and security personnel doesn't get bogged down with alert fatigue. Threat intelligence feeds provide valuable data to spot risks, forecast threats and identify possible attackers. But for feeds to be effective at preventing attacks, it requires proper analysis, based on context and specific actions to mitigate threats. www.computingsecurity.co.uk @CSMagAndAwards July/August 2017 computing security 11