Cyber Security 2017: tackling cyber-threats together

APTFilter AVGNews CERT-LatestNews FSecureNews KasperskyNews Malware McAfeeNews Security News SocialEngineering SophosNews SymantecNews ThreatsActivists ThreatsCybercrime ThreatsEconomic ThreatsStrategic TrendMicroNews Uncategorized VulnerabilitiesAdobe VulnerabilitiesAll VulnerabilitiesApple VulnerabilitiesApplications VulnerabilitiesCisco VulnerabilitiesCrypto VulnerabilitiesDBMS VulnerabilitiesFirmware VulnerabilitiesGoogle VulnerabilitiesHardware VulnerabilitiesLinux VulnerabilitiesMicrosoft VulnerabilitiesMozilla VulnerabilitiesNetwork VulnerabilitiesOS VulnerabilitiesVMWare VulnerabilitiesVOIP

Panellist speakers at The Telegraph Cyber Security Conference 2017 said businesses need to take a proactive approach to protecting themselves from ever-changing cyber-threats.

Julien Blanchez, Global Security & Compliance Strategist, Google

Julien Blanchez

“Everybody is faced with a leap of faith in terms of keeping assets secure against cyber-attacks. Slowly people are realising that they need to put their data on to someone else’s infrastructure. That is a big evolution now, and there is a huge amount of trust and reputation at stake. We have seen a shift in the last year or so whereby organisations have started to put security at the forefront of their negotiations. Customers will increase their expeditions and start to select their providers based on the quality of their defences. For example, I choose my bank based on its second-step authentication method. “The arrival of the General Data Protection Regulation [in May 2018] is the best thing that can happen to the digitalisation of Europe. First, we should be proud that this will be a beacon for the rest of the world. And second, it is going to increase both security of data controls and trust, and it is already accelerating demands of our services.”

Greg Davis, Executive Partner, IBM Security

Greg Davis

“There is a deeply concerning skills shortage in the cybersecurity space. Reports suggest that by 2020 there will be more than 1.5 million unfilled positions globally within the industry. The challenge is to make security analysts smarter and speed up quality decision making, but we can’t train people fast enough to cover that gap. So, there has to be a role for artificial intelligence (AI) in addressing that worrying issue. We are in the first evolutional stage of AI, using it to augment our cybersecurity processes, which informs decisions and takes away mundane elements, but also slows things down because the human operator is swamped by extra data. There will come a time when we need to more readily trust what AI is telling us. We’ll see a massive increase in the value of AI in the cybersecurity space as we move through the next five to 10 years.”

Daniel Selman, Head of Data Privacy and Information Management, Direct Line Group

Daniel Selman

“Cybercrime is a common threat and should therefore be a shared problem, but it is clear that the level of collaboration differs depending on the industry, as well as the culture within the specific sector. Many industries are open to dynamic, fluid, collaboration; however, those in banking and financial services, for instance, are constrained because they are heavily regulated. There is a nervousness that collaboration could be seen as breaching competition laws, and a feeling that even discussing fairly common issues – such as the General Data Protection Regulation – could be viewed as dangerous. That has an impact, and in reality means that collaboration does not happen as much as those industries would like. So when it does happen, it is through the auspices of a regulator, which slows things down when agility is required. A line in the sand needs to be drawn. The bad guys are working together to make their threat more potent, so if we don’t collaborate we will continue to be at a disadvantage.”

Nick Wilding, Head of RESILIA Cyber Resilience at AXELOS

Nick Wilding

“Fighting cybersecurity is as much about culture and human behaviour as technology. Every person in your company has a vital role to play, but is enough being done? There is an acceptance that there is not; all too often people are not adapting quickly enough, even if they are provided with training. How do we build an environment that encourages people to discuss this more effectively and limit cyber-risks through their own behaviour? Is there too much stick and not enough carrot? Perhaps there should be greater rewards for good cyberhygiene and behaviour. Cybersecurity training needs to be regular and take in new technologies – games, simulations and animations – to really engage and educate people. Leadership teams have a responsibility to ensure they are demonstrating the importance of good practice to all staff.”