Secure Data 2016: 'Its going to get louder'
While industry is starting to wake up to cyberthreats, is there too much noise to tell whats really threatening and whats benign?
Amid all that static, it can hard to see whats really important (_DJ_ via flickr)
“In our industry there's never been more noise”, said Etienne Greeff as he opened Secure Data 2016, at London's science museum. This year was titled ‘Kill The Noise'.
“The question here,” added Greeff, is ““how do we get to the nub of what actually matters”. There are millions of new malware variants every week; a typical customer will get 17,000 alerts a week, only a handful of which they should be caring about and at the same time they are being assaulted with sales pitches from countless new security vendors.
Isn't this kind of a good thing? The discipline of security, once largely ignored, is now listened to intently in many camps. Yet, numbers from the UK government show that 74 percent of SMEs were breached in 2015.
Defence might have changed, but so has offence, said Greeff: “With the democratisation of tools and the industrialisation of hacking, everyone's a target now”
For all the noise heard now, there is more coming. Technology is not just becoming an enabler of business, but it is fundamentally transformational. Breaches are becoming bigger and more frequent and landmark regulation is on the horizon that promises to enforce good security behaviour with heavy fines for non-compliance. With the expansion of threats and their attendant responsibilities comes yet more noise.
Cyber-security consultant Sarb Sembhi spoke to SCMagazineUK.com on the subject, commenting: “Our risk appetite today and our risk appetite next month will be different”.
“There is a lot of noise out there that's caused by a whole range of things - it's increasing all the time. The problem for the average security person is that they don't have the time to understand where the current noise is and where the next noise is coming from and to differentiate what is of importance and relevant to their organisation right now and what's going to be relevant tomorrow”
The noise one ignores today, is not so avoidable tomorrow, added Sembhi: “I think for many organisations they often need to understand how much of what is going on they want to manage themselves and how much they are in a position to be able to outsource to somebody that they trust.”