by Bharat Mistry
Any IT security professional expecting a quiet summer this year will have been bitterly disappointed. From the global destruction wreaked by NotPetya in June to revelations of a dangerously widespread flaw in the IoT ecosystem the following month, there’s been plenty keep the white hat community busy. Most recently, WikiLeaks has publicised yet another CIA attack tool, this time one designed to capture video from connected cameras. The sheer volume of threats discovered on an almost weekly basis can be mind-boggling.
The good news is that CLOUDSEC is back in less than three weeks. Offering IT leaders a chance to hear from some of the world’s smartest thinkers on IoT security, ransomware, cloud-based threats, data protection and more, it’s just the tonic you need after a summer fighting IT fires.
A cruel summer
Last year Trend Micro alone blocked nearly 82 billion new malware threats globally, recording a staggering 752% increase in new ransomware families. Recent events seem to have shown there’s no sign of any major slow-down in such trends. Just this week a new report claimed that the number of UK retailers reporting data breach incidents to the Information Commissioner’s Office (ICO) has doubled over the past year.
A few days ago, WikiLeaks detailed CouchPotato, a CIA-developed program used to collect video streams from IoT cameras. As with other similar leaks, there’s always a risk that the black hats could use such information to attack businesses and consumers. The Internet of Things in particular is a minefield for security professionals, providing multiple new potentially unsecured entry points into the corporate network as well as opportunities for hackers to monitor communications and even disrupt physical processes.
The Devil’s Ivy flaw revealed in July highlighted the problem with code reuse in the IoT ecosystem, where potentially critical vulnerabilities could end up in tens of millions of devices all over the world.
It’s good to see both the US and UK government making moves of late to improve baseline IoT security. The UK released guidelines for connected car security, while US senators introduced a bipartisan bill designed to improve IoT security across the board. But such efforts will take a while to have any real impact.
Raising the bar
In the meantime, IT and business decision makers need best practice advice from some of the best in the industry. That’s what they’ll get at CLOUDSEC 2017 in London next month. Back by popular demand, the one-day show will be jam-packed with presentations from Gartner analysts; FBI and Interpol law enforcers; and representatives from the US Department of Homeland Security, OWASP, NCSC, and many more.
Pen Test Partners founder Ken Munro will show the potentially catastrophic impact of an IoT attack on critical infrastructure, while Trend Micro’s very own VP of security research, Rik Ferguson, will propose an innovative new model to raise the bar of IoT security. This year’s show is all about providing organisations with the knowledge and skills they need to “Level Up” against an increasingly forbidding threat landscape.
With less than three weeks ago, places are selling fast. To reserve yours, get in touch today.
What: CLOUDSEC 2017
When: Tuesday 5 September
Where: Park Plaza Westminster Bridge, London