Infosecurity Europe 2011: New attack vectors change the landscape

The cybercrime landscape is changing with the overall cost to the UK economy estimated at £27bn per year, by a recent report by the Office of Cyber Security & Information Assurance. The report reveals that whilst government and the citizen are affected by rising levels of cyber crime, at an estimated £2.2bn and £3.1bn cost respectively, business bears the lion’s share of the cost at a total estimated cost of £21bn.

The astonishing array of new security attack vectors – means that visitors to Infosecurity Europe will be sourcing new solutions combined with knowledge to combat these threats. This year’s show will take place at London’s Earls Court Exhibition Centre April 19/21.

Along with hundreds of exhibitors showcasing the latest products and services, there will be a wealth of educational, as well as informative, sessions, all of which are – as in previous years – entirely free of charge.

Central to this will be a roster of events in the keynote theatre, supplemented by parallel sessions in the business strategy theatre and the technical theatre.

David Smith, Deputy Commissioner and Director of Data Protection from the Information Commissioner’s Office will give a keynote address that will summarize the developments over the last 12 months, providing an update on the increased powers of the Information Commissioner to assess organizations compliance with data protection laws and new powers to impose fines of up to £500,000 for significant breaches.

Future compliance is covered in seminar titled “What Compliance Juggernauts are Coming Down the Road for Security?’ The panel – including representatives from the Steering Committee on Information Technology Crime, Interpol; GRBA, Capita Group; Field Fisher Waterhouse and Nottingham County Council, will carefully assess where to prioritise and also what’s coming down the road in terms of legislation and compliance that you need to be aware of.

The financial aspect of security is a regular theme on this year’s agenda as another seminar, this time titled “The Economics of Security – Can You Cut Your Budget and Bolster Security?’ also takes on the subject. Panellists NSPCC, Electronic Arts and The Oval Group will pose the opening conundrum: “If you had to lose 30% of your security budget in the next 24 hours, what would you lose and why??’.

Mobile phones feature too with one session turning the debate on its head posing the question ‘Can You Turn Mobile Devices To Your Advantage Or Are They The Next Big Security Hole?!’ Lead by analyst Bloor, the panel includes representatives from NFU Mutual, LAMCO LLC – Lehman Brothers Holdings and NHS Dumfries and Galloway. With arguments for, and against, this is likely to be a lively debate!

Back on the attack vector trail the keynote theatre will see a team of specialists cover ‘Advanced Persistent Threats – Hype Or Reality’ – will look at this newly-discovered, but potentially serious problem for IT security professionals. Panelists lined up for this session include specialists from the Serious Organized Crime Agency, the online better exchange Betfair and communications giant Virgin Media.

There is a topical debate on social media led by Michael Page International, the Cobra Group, Investec and the Ministry of Defence. The consumerization of IT is brought under the spotlight by the Institute of Information Security Professionals, LeasePlan, Sue Ryder, GlaxoSmithKline and SABMiller.

The keynote on Securing The Cloud includes Bob Tarzey, an analyst with Quocirca and blogger for the Infosecurity Network, and representatives from Barclaycard, Bank of America and DAF Trucks.

Every organisation’s largest commodity, it’s workforce, also gets examined in a seminar titled ‘Don’t Forget the User – How to Make Them Your Biggest Ally.’ A business is only ever as successful as those people it employs. When it comes to effective information security your workforce are your number one asset and with the right training and risk awareness they can be the eyes and ears for the business beyond the IT security infrastructure that is in place. However, without the proper risk awareness they can also pose a significant threat – be it knowing or unknowingly – especially today as we start to see the increased use of employee-owned IT in the workplace and the explosion of social media. This discussion will highlight the key factors to incorporate into any employee awareness training, especially how best to make people care by making them relate to the corporate risks in the same way they would towards personal risk.