Have you ever been to an event that left you wanting more when the subject matter just wasn’t up to par or even worse, an event that was almost entirely sales focused and you found yourself spending more time fixing yourself another cup of coffee rather than being part of the action? This was not the case at the 2013 Cyber Security Summit.
We were very impressed by the caliber of those who presented and participated in the 2013 Cyber Security Summit in NYC this past Wednesday, September, 25th. First off, the panelists truly made the event something to remember. Not only were each of them very knowledgeable about cyber security, but each one, just by participating, provided great insights into how they approach securing their environments. The panelists consisted of everyone from C-Level officers to mid to small level business owners and even the FBI. The diverse panel provided insight not only on growing trends, but also viable methods for all businesses to implement security strategies to meet their business objectives.
At our Zensar booth, the discussions conducted by myself and my colleague, Jason LeDuc, ranged from how can organizations secure their data on mobile devices – given the BYOD expectations of users – to how to protect the organization’s assets from internal threats including data leakage and unauthorized access to sensitive data. The internal threats can come from nefarious internal espionage attacks to the uninformed employees. In fact, during the week of this event,
a 16 year old was arrested in connection with a cyber-attack on the Dutch anti-spam group, Spamhaus. It is imperative that everyone understands that bad guys, regardless of age, never take a break from trying to gain unauthorized access to your infrastructure.
At Zensar, we believe that in order to have a robust security posture, you need three attributes – detect, defend, and recover:
- Detect: If all three attributes are equal, detection is perhaps the most critical since you cannot stop or defend what you cannot see. It is vital to have the ability to gain visibility and control in your network and there are plenty of tools and providers who can enable this capability in your environment.
- Defend: Once you have detected an attack, your system’s defense mechanism must contain and eradicate the threat from your environment. The defense is to have a multi-layered approach which can begin or end at the edge, mobile devices, the core, etc. Like the detection attribute, defending must be viewed as a critical necessity.
- Recover: Let’s face the facts, most environments, even the most secure, may be compromised sooner or later. When an attack is detected and contained, recovery is the most crucial next step. This means ensuring that your data is readily available. I’m not only talking about having the appropriate media in hand but adequate documentation and staff who are well versed in the process. Sometimes, despite the best back up media, under trained staff can add days, weeks or months to the restoration process and without proper training on all levels of your infrastructure, may leave your armor as soft as the pillow you sleep on…. assuming you sleep after attending a show like this.
With all that said, the 2013 Cyber Security Summit was hands down one of the better one day events that we’ve attended in recent memory and kudos to all who participated. Stay safe and never assume your data is secure and not worth something to someone.
Share your comments with us on what you thought of the Cyber Security Summit or the recent attack on Spamhaus?