Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd

Posts By :

Stuart O'Brien

Security IT Summit

Your personalised schedule at the Smarter Payments Summit…

960 640 Stuart O'Brien

The Smarter Payments Summit is a highly-focused one-day event that will help underpin your strategy for 2020 and beyond.

It takes place on September 9th at the Hilton London Tower Bridge and is entirely FREE for you to attend.

This will be your schedule:

8.00am: Registration
8.45am: Opening presentation
9.40am: Seminar sessions
10.30M: Pre-arranged 1-2-1 meetings with suppliers of your choice
1.30pm: Lunch & networking
2.20pm: Pre-arranged 1-2-1 meetings with suppliers of your choice
4.30-pm: Event closes

The Smarter Payments Summit could be the best day you spend out of the office in 2019.

Register your FREE place here.

Government strives to increase diversity in cyber security

960 640 Stuart O'Brien

The third round of funding through the Cyber Skills Immediate Impact Fund (CSIIF) has been launched by Cyber Security Minister Nigel Adams.

The Fund aims to increase the number and diversity of people entering the cyber security profession, with training providers able to bid for up to £100,000 to work with employers and design training programmes which retrain a diverse range of individuals for a career in cyber security.

Alongside this Adams has also announced that after a competitive grant competition, the Institution of Engineering and Technology (IET) has been appointed the lead organisation in charge of designing and delivering the new UK Cyber Security Council, alongside a wider alliance of cyber security professional organisations.

The UK Cyber Security Council will aim to coordinate the existing professional landscape, to make cyber security a well structured and easy to navigate profession which represents, supports and drives excellence going forward.

Cyber Security Minister Nigel Adams said: “The UK is a world leader in tackling cyber attacks but we must make sure we continue to develop the talent we need to protect the public and business online.

“This latest round of funding demonstrates our commitment to make sure the UK’s cyber security industry has a skilled and diverse workforce and, through our new Cyber Security Council, there are clear paths for those wishing to join the profession.”

Simon Edwards, IET Director of Governance and External Engagement, said: “It’s fundamental that cyber security is seen as a nationally recognised and established profession with clear career pathways. The IET, alongside an alliance of professional cyber security organisations, will bring together the credibility and knowledge across a wide range of disciplines to further strengthen the UK’s leadership position in cyber security innovation and resilience on the global stage. With cyber skills shortages already emerging at every level, we are committed to working with the Government and the National Cyber Security Centre on delivering the rapid, yet capable development of specialist cyber skills to meet the growing needs of the industry, manage risk and secure the next generation of talent.”

Jacqueline de Rojas, President, techUK said: “As businesses become ever more reliant on digital tools, the need for a skilled and professional cyber workforce in the UK has increased. Yet the Government’s National Cyber Security Skills Strategy found that more than half of all businesses and charities in the UK have a basic cyber security skills gap.

“Increasing diversity in the sector is one way in which we can seek to plug the growing cyber skills gap, and that is why initiatives like the Immediate Impact Fund are so important. Coupled with the creation of a new Cyber Security Council that will create clearer pathways for people entering the sector, these announcements will go a long way to ensuring that we create and nurture our cyber professionals and continue making the UK the safest place to be online.”

The deadline for applications to the Cyber Skills Immediate Impact Fund (CSIIF) is the 27th September.

Twelve initiatives have already received support from CSIIF with more than 400 people benefitting from training opportunities.

Barracuda snaps up bot detection software

960 640 Stuart O'Brien

Barracuda has acquired bot detection technology from InficSecure Technologies, adding capabilities to its WAF-as-a-Service and Web Application Firewall platforms.

Bot detection has evolved to combat more human-like bot attacks. Low-and-slow bots, which request data slowly and rotate IP addresses often, require special fingerprinting techniques to detect.

Barracuda says combining InfiSecure’s technology with its own Global Threat Intelligence Infrastructure’s set of behavioural data points, will provide WAF with powerful capabilities to combat such attacks.

Barracuda says a generic bot detection methodology fails to address the specific bots written for different applications. InfiSecure’s machine learning layer provides automatic profiling of each individual application to provide application-specific bot detection and mitigation capabilities and help ensure the highest protection.

“This strategic technology acquisition further strengthens our application security portfolio and our commitment to provide application security to our customers,” said Tim Jefferson, SVP, Engineering of Data Protection, Network and Application Security, Barracuda Networks. 

“InfiSecure perfectly complements our recently released Advanced Bot Detection and will bring next-generation capabilities to our WAF-as-a-Service and Web Application Firewall offerings.”

Security IT Summit: An event created just for you

960 640 Stuart O'Brien

The Security IT Summit is a unique one-day event which allows senior cyber security professionals to meet with innovative and competitive suppliers to the industry.

5 November 2019 – Hilton London Canary Wharf

It is entirely free for cyber security professionals to attend and, as our VIP guest, you will be provided with a bespoke itinerary of pre-arranged, face-to-face meetings with suppliers who match your requirements and upcoming projects.

During the course of the event, you can also attend insightful and inspirational seminars from industry thought-leaders. And there are plenty of opportunities to network with like-minded peers who share your challenges.

Lunch and refreshments are also included with your free ticket.

Simply register your place here.

To find out more about attending the Security IT Summit, contact Emily Gallagher on 01992 374085 or email e.gallagher@forumevents.co.uk.

If you’re a supplier to the sector, contact Chris Cannon on 01992 374096 or email c.cannon@forumevents.co.uk to find out about the range of event partner packages.

www.securityitsummit.co.uk

Google, Microsoft back UK government on cyber security

960 640 Stuart O'Brien

Major businesses including Google and Microsoft have pledged to help the UK tackle the most damaging cyber security threats.

Up to £117 million of private industry investment will be combined with £70 million of government funding through the modern Industrial Strategy to develop new technologies.

These will range from a new and secure hardware prototype that can cope with cyber-attacks, to software protected from new vulnerabilities appearing online.

The government says that with cyber threats constantly evolving, the best defence in the future is seen as developing innovative solutions that can work independently and protect against threats even during attacks. It also wants to ensure that every UK organisation is as cyber secure and resilient as possible.

Nearly all UK businesses are reliant on digital technology and online services, yet more than 30% have experienced a cyber-security breach or attack in the last 12 months, according to the government’s own data.

For example, hackable home wifi routers can be used by attackers in botnets to attack major services and businesses.

The government says businesses are having to spend increasing amounts on cyber security, up to 20 to 40% of their IT spend in some cases. And as more and more systems are connected, whether in the home or businesses, there is a need for security that is secure by design.

Business Secretary Greg Clark said: “Digital devices and online services are powering more of our daily lives than ever before, from booking a doctors’ appointment to buying online shopping. While these devices and services bring great benefits to businesses and consumers, they come with the associated risks of cyber-attacks and threats that are becoming increasingly complex to tackle.

“As we move to a more data-driven economy, nearly all UK businesses and organisations are reliant on these digital technologies and online services – but the threat of cyber-attacks is ever-present, with more than 30% of businesses having experienced a cyber-security breach or attack in the last 12 months.

“With government and industry investing together as part of our modern Industrial Strategy, we will ensure that the UK is well placed to capitalise on our status as one of the world leaders in cyber security by ‘designing in’ innovative measures into our technology that protect us from cyber threats. This will also help us bring down the growing cybersecurity costs to businesses.”

This expected joint investment will create projects to develop new solutions to cyber security over the next 5 years, with the aim of applying the findings in real-world markets through dedicated demo-projects led by business.

For example, these demo projects could include testing the new technology in the health sector to ensure a higher level of protection for patient data, or in consumer markets to ensure consumers’ personal data is fully protected as far as possible.

Dr Ian Levy, National Cyber Security Centre’s Technical Director said: “The National Cyber Security Centre is committed to improving security from the ground up, and we have been working closely with government to promote adoption of technology and practices to protect the UK.

“We hope this additional investment will drive fundamental changes to products we use every day. This is vital work, because improving hardware can eradicate a wide range of vulnerabilities that cause significant harm.”

Developing innovative solutions to cyber security will help put the UK at the forefront of the AI and data revolution, in support of the government’s AI and Data Grand Challenge.

Details on the upcoming rounds of funding for this Digital Security by Design challenge, which will likely bring together academics, research institutions, start-ups, SMEs and large businesses, will be announced later this year.

Image by Gerd Altmann from Pixabay

Security IT Summit

Register today for the Smarter Payments Summit

960 640 Stuart O'Brien

You’re about to miss out on the fintech and payment transaction event of the year.

The Smarter Payments Summit takes place on September 9th at the Hilton London Tower Bridge, providing a full day of business connections, learning and networking – and it’s free for senior payment transaction and cyber security professionals to attend.

Simply register here – your VIP place also includes complimentary lunch and refreshments.

But act swiftly as we have limited places available. Here’s who you will be joining:

  • AEG Presents 
  • Alison Hayes
  • Atombank
  • Badoo Trading 
  • BNP Paribas 
  • Borough Kitchen
  • British Heart Foundation
  • BT
  • Byron Hamburgers 
  • Crown Commercial Service
  • Curvy Kate
  • DAZN
  • Decathlon
  • De Beers Jewellers
  • FairQuid
  • Financial Times
  • Gett
  • Gohenry
  • Greene King
  • Hakkasan Group
  • Hays Travel 
  • Huawei
  • Intouch Gaming
  • Into The Blue
  • James Villa Holidays 
  • John Lewis
  • Lulu Guinness
  • LVGIG
  • Marathonbet
  • MarketInvoice 
  • Matches Fashion
  • myLotto24 
  • NewDay 
  • Ocado Solutions
  • Penhaligon’s
  • Perricone MDp
  • PwC
  • Royal Society Protection Birds
  • Selfridges
  • SohoHouse & Co
  • Sotheby’s
  • Starbucks Coffee Company
  • TalkTalk
  • Tesco
  • The Go-Ahead Group 
  • The Share Centre
  • The Stars Group
  • Three UK
  • Universal Music Group
  • Valor Hospitality Europe 
  • Virgin Money
  • William Hill
  • Zing Online Media 

Don’t miss out! Register today or contact me to find out more.

£33m available for quantum security projects

960 640 Stuart O'Brien

The government has invited businesses to apply for a share of up to £33 million to work with others on developing new products and services that exploit quantum technologies.

The second generation of technologies based on new quantum effects promises to deliver more secure digital communication, improved construction and radical increases in computing power.

This, the government says, could transform many business sectors including automotive, healthcare, infrastructure, telecommunications, cybersecurity and defence.

As such, there is up to £33 million available from the Industrial Strategy Challenge Fund to invest in projects that aim to speed up commercialisation of these quantum technologies.

Projects must aim to speed up commercialisation of second-generation quantum technologies and should address at least one of the following areas:

  • connectivity and techniques for securing data in storage and in flight
  • situational awareness including autonomous systems; sensors and detectors for the built environment, transport and infrastructure; imaging and sensing of things currently invisible
  • transformational computing to solve currently unmanageable problems

The competition has 2 strands:

The competition opens on 5 August 2019, and the deadline for applications is at midday on 30 October 2019.

Security IT Summit – Everything you need to know

960 640 Stuart O'Brien

Are you free on November 5th 2019? Join us at the Security IT Summit– Here’s everything you need to know!

The Security IT Summit is a bespoke and highly-targeted one-day event created specifically for senior cyber security professionals like you.

It is entirely FREE for you to attend.

Simply register your place here.

When: 5 November 2019

Where: Hilton London Canary Wharf

Format: Corporate ‘speed-dating’. As our VIP guest, you will be provided with a bespoke and personalised itinerary of pre-arranged, 1-2-1 meetings with suppliers relevant to your requirements. A series of seminars will also be hosted throughout the event, and you can network with professionals who share your challenges.

Lunch and refreshments are included with your ticket.

Who Attends: Senior professionals with job titles, including:-

Security Director

  • IT Manager
  • IT Specialist
  • Head of IT
  • Systems Manager
  • Network Infrastructure Manager
  • Information Security Manager

Would you like to join them? Click here to claim your place!

NCSC details key wins in cyber security war

960 640 Stuart O'Brien

A scam to defraud thousands of UK citizens using a fake email address spoofing a UK airport was one of a wide range of cyber attacks successfully prevented by the National Cyber Security Centre (NCSC) in the last 12 months.

Details of the criminal campaign are just one case study of many in Active Cyber Defence – The Second Year, a comprehensive analysis of the NCSC’s programme to protect the UK from cyber attacks.

The thwarting of the airport scam was one example in 2018 of how ACD protects the public.

The incident occurred last August when criminals tried to send in excess of 200,000 emails purporting to be from a UK airport and using a non-existent gov.uk address in a bid to defraud people.

However, the emails never reached the intended recipients’ inboxes because the NCSC’s ACD system automatically detected the suspicious domain name and the recipient’s mail providers never delivered the spoof messages. The real email account used by the criminals to communicate with victims was also taken down.

In addition, a combination of ACD services has helped HMRC’s own efforts in reducing the criminal use of their brand. HMRC was the 16th most phished brand globally in 2016, but by the end of 2018 it was 146th in the world.

Dr Ian Levy, the NCSC’s Technical Director and author of the ACD report, said: “These are just two examples of the value of ACD – they protected thousands of UK citizens and further reduced the criminal utility of UK brands. Concerted effort can dissuade criminals and protect UK citizens.

“While this and other successes are encouraging, we know there is more to do, and we would welcome partnerships with people and organisations who wish to contribute to the ACD ecosystem so that together we can further protect UK citizens.

“This second comprehensive analysis we have undertaken of the programme shows that this bold approach to preventing cyber attacks is continuing to deliver for the British public.”

Introduced by the NCSC in 2016, ACD is an interventionist approach designed to stop cyber attacks from ever happening. It includes the programmes Web Check, DMARC, Public Sector DNS and a takedown service.

The ACD technology, which is free at the point of use, intends to protect the majority of the UK from the majority of the harm from the majority of the attacks the majority of the time.

Other key findings for 2018 from the second ACD report include:

  • In 2018 the NCSC took down 22,133 phishing campaigns hosted in UK delegated IP space, totalling 142,203 individual attacks;
  • 14,124 UK government-related phishing sites were removed;
  • Thanks to ACD the number of phishing campaigns against HMRC continues to fall dramatically – with campaigns spoofing HMRC falling from 2,466 in 2017 to 1,332 in 2018. These figures relate to 16,064 spoof sites in 2017 and 6,752 sites in 2018;
  • The total number of takedowns of fraudulent websites was 192,256, and across 2018, with 64% of them down in 24 hours;
  • The number of individual web checks run has increased almost 100-fold, and we issued a total of 111,853 advisories direct to users in 2018.

Chancellor of the Duchy of Lancaster and Minister for the Cabinet Office David Lidington said: “The UK is safer since the launch of our cyber strategy in 2016. Over the last three years, and backed by a £1.9 billion investment, we have revolutionised the UK’s fight against cyber threats as part of an ambitious programme of action.

“The statistics and examples in this report speak for themselves. They outline the tangible impact that Active Cyber Defence is having, and how it is a key building block in improving cyber security in the UK now, and in the future.”

The new report also looks to the future of ACD, highlighting a number of areas in development. These include:

  • The work between the NCSC and Action Fraud to design and build a new automated system which allows the public to report suspicious emails easily. The NCSC aims to launch this system to the public later in 2019;
  • The development of the NCSC Internet Weather Centre, which will aim to draw on multiple data sources to allow us to really understand the digital landscape of the UK;
  • We’ll explore developing an Infrastructure Check service: a web-based tool to help public sector and critical national infrastructure providers scan their internet-connected infrastructure for vulnerabilities;
  • NCSC researchers have begun exploring additional ways to use the data created as part of the normal operation of the public sector protective DNS service to help our users better understand and protect the technologies in use on their networks.

You can read the full 2019 report here.

Rob Norris, VP Enterprise and Cyber Security, Fujitsu, said: “Cybersecurity challenges aren’t slowing down and this annual report by GCHQ’s National Cyber Security Centre illustrates the magnitude of the problem. Cybercriminals today are creative and equipped with a multitude of tools helping them see their attacks through, making it vital for all organisations to think how they can safeguard their data and business assets.

“Unfortunately one of the simplest methods of stealing sensitive information is through a basic email phishing campaign, as proved by the fact that NCSC stopped 140,000 phishing attacks last year alone. This is partially because organisations still rely heavily on email to communicate both internally and externally, but also because of the human factor. Human behaviour is cited as the biggest challenge in email security, therefore it is imperative that businesses prioritise vigilance and awareness through education and training. 

“I would advise that some of the things we can do to identify suspected email security threats are hovering over the email hyperlinks before clicking to see the web address; blocking executable files and emails with large attachments; being mindful of password reset emails; and using a VPN when working remotely or using public WiFi. In today’s digital world, no one is immune from data theft, and being vigilant, both as an employee and as a consumer, is paramount.”

UK businesses subjected to one cyber attack every minute in 1Q19

960 640 Stuart O'Brien

UK businesses were subjected to 119,659 internet-borne cyber attacks each, on average, in the first quarter of 2019, according to analysis by Beaming.

This rate of attack, which equates to one every minute, was more than double that experienced in the first three months of 2018, when companies were attacked online 53,981 times on average.

Between January and March 2019, Beaming’s cyber security analysts identified 442,091 unique IP addresses that were being used to launch cyber attacks over the internet on UK businesses.

While 51,004 of these could be traced to locations in China and a large amount of attack activity continued to originate in Brazil (32,386) and Russia (31,131), there was also a threefold increase in the number of IP addresses in Egypt (36,282) used to attack UK businesses in the first three months of the year.

Remotely controlled IoT applications and file sharing services were the most likely targets for online cyber criminals, attracting 201 and 114 attacks per day respectively between January and March.

Sonia Blizzard, managing director of Beaming, said: “Cyber attacks continue to be a clear and present danger to UK businesses and the IT infrastructure they rely on. Business leaders should be wary, the rate of attack has been at historically high levels since October last year. Since we started tracking cyber attack activity just over three years ago we’ve come to expect that businesses will be attacked around 20,000 times a month on average. At the moment we are seeing twice that level of malicious activity online.”

“While there is plenty that we can do at a network level to minimise the threat of online attacks, businesses need to take cyber security seriously, educate employees and put in place security measures such as managed firewalls to ensure they don’t expose themselves to undue risk.”