Driving cybersecurity forward
Threats and hacks were cybersecurity’s greatest driving force over the last 25 years, according to 39% of respondents to a social media poll conducted by Infosecurity Europe (www.infosecurity-group.com) – Europe’s number one information security event, which celebrates its 25th anniversary in 2020.
Constantly advancing technologies, attack vectors and techniques have forced the industry to keep innovating over the last quarter century. Necessary regulatory oversight and compliance requirements may also have kept CSOs awake at night, but only 17% of respondents believe these had a major influence on cybersecurity development. This could reflect a feeling that legislation and regulation have little real power to move the industry on – which might indicate a need to examine and update existing regulation, including the UK Computer Misuse Act which will be 30 years old in 2020.
The emergence of new technologies has helped the industry to make strides, according to respondents, with 25% agreeing that multi-factor authentication and (MFA) and encryption were catalysts for progress. Web security expert and creator of ‘Have I Been Pwned?’, Troy Hunt, agrees this has made a huge difference: “It’s been recognised that a username and password are no longer enough, and now we have a range of different mechanisms from SMS to hard tokens. The adoption rates are still not particularly good, especially for external facing assets, but as a principle this is a fantastic thing – and where adoption is higher it does make a fundamental difference to the security landscape.”
Respondents (42%) believe that the biggest ever data loss’ will cause the most damage in the next quarter-century. This is followed by an attack on smart cities (30%), and an attack on critical national infrastructure (CNI) at 12%. Only 16% feel that the major event will involve ransomware.
Nigel Stanley, Chief Technology Officer and global head of OT cybersecurity at TÜV Rheinland, says the likelihood of an attack on CNI should not be underestimated: “A systemic attack on a fundamental service or vital industry would cause widespread unrest, disruption and damage, and have a significant societal impact. But my concern are the attacks being carried out today. Vast amounts of intellectual property, knowledge and data are being stolen as we speak and a future attack based on this could seriously challenge our defences, supporting systems and even way of life.”
Nicole Mills at Infosecurity Group, says: “Threats and hacks have driven the evolution of the cybersecurity industry over the last 25 years, and they probably always will do. The major concern around the future is data-loss – it appears that data is still king, and this is expected to remain the primary motive for cyber-attacks. We should be thinking hard about where the next big attacks will be – the healthcare or finance sectors, for example – and whether we need to do more now to prevent them. As individuals, organisations and as an industry, we must all continue to work hard to stay one step ahead of the attackers. There will be plenty of opportunities at Infosecurity Europe 2020 for visitors to hone their skills and their strategies and explore cutting-edge innovations and companies. These include FutureSec, a series of events and sessions that address the future of the information security industry by focusing on people and innovation.”
Infosecurity Europe will run from 2-4 June 2020 at Olympia London.