Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd

Posts By :

Stuart O'Brien

42% rise in companies reporting cyber attacks by foreign governments

960 640 Stuart O'Brien

In 2018, 19% of organisations believed they were attacked by a nation-state – That figure increased to 27% in 2019, with companies in North America the most likely to report nation-state attribution, at 36%.

That’s according to Radware’s 2019-2020 Global Application & Network Security Report, which found that more than one in four respondents attribute attacks against their organisation to cyber warfare or nation-state activity. 

“Nation-state intrusions are among the most difficult attacks to thwart because the agencies responsible often have significant resources, knowledge of potential zero-day exploits, and the patience to plan and execute operations,” said Anna Convery-Pelletier, Chief Marketing Officer at Radware. “These attacks can result in the loss of sensitive trade, technological, or other data, and security teams may be at a distinct disadvantage.”

Radware says the findings come at a time of heightened anxiety for security managers. Organisations are increasingly turning to microservices, serverless architectures, and a mix of multiple cloud environments. Two in five managers reported using a hybrid environment that included cloud and on-premises data centers, and two in five said they relied on more than one public cloud environment. However, only 10% of respondents felt that their data was more secure in public cloud environments.

As organisations adapt their network infrastructure to enjoy the benefits of these new paradigms (such as microservices and multi-cloud environments), they increase their attack surface and decrease the overall visibility into their traffic. For example, 22% of respondents don’t even know if they were attacked, 27% of those who were attacked don’t know the hacker’s motivations, 38% are not sure whether an Internet of Things (IoT) botnet hit their networks, and 46% are not sure if they suffered an encrypted DDoS attack. 

Convery-Pelletier added: “This report finds that security professionals feel as though the battlefield is shifting under their feet.  Companies are increasingly adding and relying upon new paradigms, like microservices, public and hybrid clouds, and IoT, which means the infrastructure is harder to monitor for attacks. These new technologies force a shift in security implementation into the development teams.  Security is often an afterthought as businesses march forward, and there is a misconception that ‘good enough’ is enough.”

In addition, the report also found:

The emergence of 5G networks. As the push for 5G grows, there exists an important opportunity to build security into networks at its foundations. Despite the increasing buzz around 5G networks, only 26% of carriers responded that they felt well prepared for 5G deployment, while another 32% stated that they were somewhat prepared.  

Be careful what you wish for in terms of IoT. 5G promises to advance organisations’ implementation of and the value they derive from IoT technologies, but that promise comes with a corresponding increase in the attack surface. When it comes to IoT connected devices, 44% of respondents said malware propagation was their top concern, while lack of visibility followed at 20% and Denial of Service at 20%.

Data loss is top concern. About 30% of businesses stated that data theft as a result of a breach was their top concern following an attack, down from 35% the previous year, followed by service outages at 23%.  Meanwhile, 33% said that financial gain is a leading motivation for attacks.

To read Radware’s ERT report, visit https://www.radware.com/ert-report-2020/

Anti-Virus

Do you specialise in Anti Virus solutions? We want to hear from you!

960 640 Stuart O'Brien

Each month on IT Security Briefing we’re shining the spotlight on a different part of the cyber security market – and in January we’re focussing on Anti Virus solutions.

It’s all part of our ‘Recommended’ editorial feature, designed to help IT security buyers find the best products and services available today.

So, if you’re an Anti Virus solutions specialist and would like to be included as part of this exciting new shop window, we’d love to hear from you – for more info, contact Chris Cannon on c.cannon@forumevents.co.uk.

Here’s our full features list:

Jan – Anti Virus
Feb – Access Control
Mar – Intrusion Detection & Prevention
Apr – Phishing Detection
May – Advanced Threat Dashboard
Jun – Browser/Web Security
Jul – Authentication
Aug – Penetration Testing
Sep – Vulnerability Management
Oct – Employee Security Awareness
Nov – Malware
Dec – Network Security Management

Security IT Summit – The power of networking

960 640 Stuart O'Brien

There’s a complimentary guest pass reserved for you at the Security IT Summit – a bespoke and highly-targeted one-day event created specifically for senior IT & cyber security professionals like you.

It is entirely complimentary for you to attend. Confirm your place here.

Date: 30th June 2020

Venue: Hilton London Canary Wharf

Format: Corporate ‘speed-dating’. As our guest, you will be provided with a bespoke and personalised itinerary of pre-arranged, 1-2-1 meetings with suppliers relevant to your requirements and upcoming projects. A series of seminars will also be hosted throughout the event, and you can network with professionals who share your challenges.

Lunch and refreshments are included with your ticket.

Who Attends: Senior professionals with the following job titles:

  • Security Director
  • IT Manager/Specialist/Head of
  • Compliance Manager
  • Systems Manager
  • Network Infrastructure Manager
  • Information Security Manager

Would you like to join them? Reserve your place today!

Is the search for data centre talent a threat, asks BCS

960 640 Stuart O'Brien

Continuing unprecedented growth in the datacentre sector is centre may be at risk due to increasing concerns around scarce resource and rising labour costs.

That’s according to the latest industry survey from Business Critical Solutions (BCS), a specialist professional services provider to the international digital infrastructure industry.

The Winter Report 2020, now in its 11th year, is undertaken by independent research house IX Consulting, who capture the views of over 300 senior datacentre professionals across Europe, including owners, operators, developers, consultants and end users. It is commissioned by BCS, the specialist services provider to the digital infrastructure industry.

Just over two-thirds of respondents believe that the next year will see an increase in demand, up on the 55% from our previous summer survey. This is supported by over 90% of developers and investor respondents stating they expect to see a further expansion in their data centre portfolio over the coming year.

However, concerns are being raised by many Design Engineering and Construction (DEC) respondents around general shortages amongst design, construction and operational professionals with four-fifths expressing resourcing concerns. DEC respondents identified build professionals as being subject to the most serious shortages – 82% stated this view compared with 78% for design professionals and 77% for operational functionality of data centres.

When asked to rank the impact of this our respondents highlighted the increased workload placed on their existing staff (96%),  rising operating/labour costs (92%) and over 80% indicating that this has led to an increase in the use of outsourcing options over the past 12 months. The increased workload for existing staff had in turn led to problems in resourcing existing work, with just over 70% stating that they had experienced difficulties in meeting deadlines or client objectives.

James Hart, CEO at BCS (Business Critical Solutions), said: “At BCS we are currently doing the round of careers fairs looking for candidates for next year’s graduate and apprenticeship scheme. When we are talking to these young people we often find that they either haven’t even considered our sector and/or they have misconceived ideas about what this career path involves. We can address this by going into universities, colleges and schools telling STEM graduates about the data centre industry and how great it is. Without action, this these issues will  become more acute, so the rallying cry for 2020 is that the sector is an exciting place to be and we have to get out there and spread the word!”

NTT-ThreatQuotient

Defender confidence on the rise in a maturing UK cyber threat landscape

960 640 Stuart O'Brien

By Rick McElroy, Cybersecurity Strategist, VMWare Carbon Black

Looking at the headlines around cyberattacks and security breaches, we’d be forgiven for thinking that organisations face an insurmountable cybersecurity task. However, when we delve deeper into the UK cybersecurity landscape, a more nuanced picture emerges. In fact, there is a real sense of positivity on the horizon when it comes to UK organisations’ assessment of their ability to detect and defend against cyberattacks. Despite the knowledge that the volume and complexity of attacks they’re facing continue at a sustained high level, our latest UK Threat Report found that more than three quarters of UK organisations felt more confident in their ability to repel cyberattacks than they did twelve months previously.

Supporting this sense of confidence, we also found that investment in cyber defence is holding up well, with 93% of UK organisations surveyed saying they plan to increase cybersecurity spending. Nevertheless challenges remain, not least in the fact that despite this growing confidence 84% of UK organisations surveyed said that they had suffered at least one data breach in the past twelve months caused by an external cyberattack. Here are four more things we learned when we asked 250 UK CIOs and CISOs about the threat landscape they face in the final quarter of 2019.

  1. Despite growing confidence, the attack landscape remains severe

Eighty-four percent of organisations said the volume of attacks they face has increased, while nine in ten said that these attacks had become more sophisticated. Globally, we found a sharp rise in the prevalence of phishing attacks as the attack type most likely to result in a data breach, and this was reflected in the UK where it was the cause of 33% of breaches. In fact, this figure had jumped from 20% in our January 2019 report. This global trend is a clear sign that attackers are going after the weakest link – end users. This is also a factor in the increase reported in breaches caused by ransomware, which jumped as a cause of successful breaches from 14% in January to 20%.

This focus on user-related breach vectors may also indicate that defenders are succeeding in making organisations a harder target for more direct malware-led attacks. The study found that the percentage of breaches caused by process failures and out of date security halved during the period from January 2019. This is another sign of a maturing approach to cybersecurity, where controllable factors are now a key focus.

2. Reputational damage outweighs financial impact when breaches happen

Given the high profile of regulatory changes in the past eighteen months, it is not surprising that 72% of businesses reported suffering reputational damage as a result of a data breach. The public is now much more aware of the risks and responsibilities that organisations bear around data protection and quick to lose trust in those who appear negligent. Perhaps more surprising is that the percentage reporting financial impacts from breaches was only 35%, lower than the global average of 44%. In fact, more than half (54.5%) of UK organisations said there had been no financial impact from the breach at all. At this stage it seems that organisations don’t see monetary loss on the same scale as reputational damage.

3. Emerging technologies and cyber skills scarcity are cause for concern

Looking to the coming year, the research found a significant level of concern in the UK about how emerging technologies such as 5G and fast-paced digital transformation projects are going to create cyber risk. In line with global sentiment, nine in ten respondents said they had concerns, which ranged from the potential for new and more destructive attack types to the difficulty in gaining full visibility over new projects and technologies. Almost a quarter (25%) said that they would need a bigger team to cope with these threats. However, recruiting staff with the necessary skills is a growing problem, with 55% of UK organisations saying the recruitment climate had grown more challenging in the past twelve months. Looking overseas to plug the gap is unlikely to be a solution as the situation is even more difficult globally – an average of 61% of businesses worldwide said recruiting the right skills has become more difficult. 

4. Threat hunting is firmly on the agenda

 Ninety percent of UK companies surveyed said that threat hunting had strengthened company defences and thirty percent had found significant evidence of malicious activity. This is almost double the sixteen percent who found significant evidence of malicious activity in January 2019. While this may be in part due to increasing levels of cyber threat activity, the high percentage increase indicates that threat hunting is becoming more effective, as defender skills and experience increases.

    5. A stronger outlook for UK cybersecurity

Taken together, these research findings indicate a maturing approach to cyber security as UK businesses adjust to the “new normal” where high volume, sophisticated cyberattacks are a factor of doing business. Organisations are locking down the controllable factors such as process weakness and out of date security, while at the other end of the scale they are proactively threat hunting. This is building defender confidence and power, as businesses get smarter about identifying where the risks lie and what tools they can deploy to mitigate them.  While new challenges loom on the horizon, the cybersecurity community in the UK is now better-positioned and more confident to meet and defend against them.

Hosted Security Landscape Report: Key insights for 2020

960 640 Stuart O'Brien

A new whitepaper has detailed market analysis of attitudes towards cloud adoption and purchasing behaviours behind hosted physical security from 1000 IT decision makers from across Europe.

The in-depth survey, undertaken by Morphean, a provider of hosted security solutions, illustrates a market that has overcome initial concerns about cyber-security, has understood the clear benefits and will be seeking to adopt such solutions at pace in 2020.

The independent survey of key decision makers within companies from UK, France and Germany with more than 50 employees clearly shows better security, cost benefit and better functionality to be the most influential factors and the most commonly realised benefits of hosted security solutions including video surveillance as-a-service (VSaaS) and access control as-a-service (ACaaS). These solutions are part of a cloud security market that is expected to grow from USD 4.1 billion in 2017 to USD 12.7 billion by 2022, at a CAGR of 25.5%.

The ‘2019 Landscape Report: Hosted Security adoption in Europe is the second study of its kind by Morphean, and facilitates a better understanding of market trends with comparative data from 2018. It revealed that 84% of IT managers are currently using (48%) or considering using (36%) a hosted security solution, which is broadly consistent with the 89% who said they would consider such a solution last year. It also shows that better security ranked #3 among the main benefits realised by the cloud (44%) compared to 27% in 2018; representing a 63% increase in the year and shift in perception around cyber security concerns.

2019 key survey findings include:

  • Better security, cost benefit and better functionality are viewed as the most influential factors AND the most commonly realized benefits of hosted security solutions 
  • Half of respondents cited better security as the #1 benefit of using VSaaS / ACaaS; better functionality (42%) and cost benefits (38%) placed #2 and #3 respectively
  • Half of IT managers have identified data / information security as a priority for improvement in the next 12 months
  • 84% of IT managers are currently using (48%) or considering using (36%) a cloud-based video surveillance or access control solution
  • Of those still considering VSaaS and ACaaS, 79% anticipate introducing these solutions to their business within 12 months
  • 77% of IT managers report that physical security is not optimized; 20% have identified physical security as a priority for improvement in the next 12 months

Rodrigue Zbinden, CEO, Morphean, said: “Our research clearly points to a market that is overcoming initial concerns about cybersecurity, understands the clear benefits of hosted services and reflects growing confidence and purchase intent for 2020. The increased appetite for hosted security presents an opportunity for us to work with businesses to help them improve their physical security, while also educating them on the potential business intelligence benefits offered by surveillance and access control solutions when integrated in the cloud.”

The growing confidence in cloud seems to translate into more positive purchasing intentions around hosted security solutions with 77% of IT managers reporting that physical security is not currently optimized and one in five identifying it as a priority for 2020. Of those considering hosted security solutions, 4 in 5 (79%) anticipate introducing them to their business within a year. While this clearly represents an opportunity for the IT reseller community to enhance its service offering, the report does highlight two trends that may inhibit growth; the first being the physical securityindustry’s ability to adopt the as-a-service business model; the second is system integration with emergent technology such as AI.

Alex Hilton, CEO of The Cloud Industry Forum, added: “With cloud technology we have a toolset that changes the way businesses think and act, ensuring a competitive landscape for years to come. Morphean’s latest research reveals that decision makers are seeing better security, cost benefits and improved functionality as a result of a switch to cloud-enabled security solutions. Cloud presents very real opportunities, but vendors need to hone their offerings and capabilities in order for its full potential to be realised across all markets and sectors.”

The Morphean survey also found that there has been a 5% drop in cloud investment over the past year. In 2018, 33% of the IT budget was spent on cloud services over the previous 24 months and this figure has dropped to 31.38% for 2019. This is in spite of the fact that the majority of respondents (78%) had said that they expected cloud related spending to increase due to the favourable benefits it presents. It’s not the only contradiction found in the report.

Cloud is key to driving operational performance, and yet 78% of IT managers felt that this area of the business was underperforming while only 36% identified it as a priority for improvement.

Security IT Summit – Can you afford not to be there?

960 640 Stuart O'Brien

Registration is now open for the summer 2020 Security IT Summit – don’t miss out on your free place as there are only 60 up for grabs!

Register for your complimentary guest place today.

Our Approach

Taking place on June 30th 2020 at the Hilton London Canary Wharf, the Security IT Summit allows senior professionals to share forward-thinking ideas, meet new partners and discover new ways to underpin their security strategies.

It’s entirely FREE for you to attend and your complimentary guest pass includes:

  • A bespoke itinerary of pre-arranged meetings with product and service providers who match your requirements and upcoming projects
  • Access to a series of seminars by industry thought-leaders
  • Networking with like-minded peers
  • Complimentary lunch and refreshments

How Do I Get Involved?

We have just 60 guest passes available, so register your free place today.

Security IT Summit

Unlock the secrets of commercial success at the Smarter Payments Summit

960 640 Stuart O'Brien

The Smarter Payments Summit is a unique one-day event which allows senior payment transaction professionals from the UK’s biggest brands to meet with innovative and competitive suppliers to the industry.

8 September 2020 – Hilton London Canary Wharf

These meetings are pre-arranged and based on mutual interest, meaning there’s no time wasted – and there’s no hard sell.

It is free for payment transaction professionals to attend, and each guest pass also includes access to a series of seminar sessions hosted by industry thought-leaders. Lunch and refreshments are complimentary, while there is plenty of opportunity for more informal networking.

Simply register your place here.

Five IT trends to watch in 2020

960 640 Stuart O'Brien

By Alberto Pan, Chief Technical Officer, Denodo 

Edge Computing will emerge as the key to device management 

Next year, devices are set to become smarter than ever before. The use of them is will also increase to new levels. Already, through the collection and analysis of data, these devices – whether they be voice assistants or smart thermostats – are able to learn about our preferences and adjust accordingly. 

But, the volume of data they collect is expected to exceed record levels in 2020. The more devices we use, the harder it becomes to collect all data into a central repository, analyse it and then push the resulting recommendations back to the device. Next year, businesses will need to adopt technologies that execute the compute function on these devices, or on the ‘edge’ of these devices, rather than doing it centrally. This will enable devices to learn and adjust in real-time.  

The use of data fabrics will increase 

In 2020, the search for an effective integration platform to access and utilise data and deal with issues like data security and siloed information will continue. But an increased amount of organisations will look towards using a data fabric to overcome these data challenges.  

By combining historical and real-time data sets across multiple data silos, a data fabric offers a single, secure and consistent data management framework. It reduces data delivery and helps to support the automation of data preparation and integration as well as enabling organisations to focus more on machine learning and artificial intelligence.  

Legacy to Cloud: hybrid, multi-location architecture will become the norm 

In 2020, as the cloud initiative progresses with more and more data migrating to the cloud, the center-of-gravity will shift. The balance will tip towards platforms where the data is spread across both cloud and on-premises data sources.  

Similarly, integration of the data will transition to a multi-location architecture. Unlike traditional data integration technologies, data virtualisation was designed from the beginning to provide data location transparency, data abstraction, and integrated security across multiple locations, which makes it a perfect fit for these scenarios. Therefore, it will take an increasingly important role in hybrid architectures next year. 

Voice technologies will infiltrate the office 

Voice assistants have established themselves as common place in our personal lives. But 2020 will see an increasing amount of businesses turning to them to improve and personalise the customer experience.  

This is because, advances in AI-driven technology and natural language processing are enabling voice interactions to be translated into data. This data can be structured so that conversations can be analysed for insights. 

Next year, organisations will likely begin to embrace conversational analytics to improve their chatbots and voice applications. This will ultimately result in better data-driven decisions and improved business performance. 

Selling information to third-parties using the Data-as-a-Service approach will become a growing source of revenue for big companies 

The effective use of enterprise data for strategic decision making has become a key priority for all big companies in the last few years. As a consequence, companies have created high quality datasets and a sophisticated technology architecture to manage them and expose them to consumers.  Companies have also invested heavily in automating their business processes for greater efficiency.   

In the new year, since many big companies will now own high-value, unique data and services, the next logical step is reusing this infrastructure in order to offer them to third-parties. For instance, we are already seeing telecommunications companies selling customers geolocation data for a variety of purposes. This trend will be significantly accentuated during 2020 in all major industries. 

From the investment standpoint, this will involve higher demand for the technologies involved in creating and exposing data as a service, like GraphQL, Data Virtualization and/or API management tools.

Image by 849356 from Pixabay 

5 Minutes With… James Hart, Business Critical Solutions

960 640 Stuart O'Brien

For the latest instalment of our IT executive interview series we sat down with Business Critical Solutions CEO Jim Hart to talk about his company, industry issues, opportunities and what Peaky Blinders means to the Black Country…

Tell us about your company, products and services

Privately owned, BCS is the only company in the world that is dedicated to optimising digital infrastructure across the globe for our clients. We offer consultancy services, including project management, cost & commercial management and business strategy, across the development, implementation and operation of the IT asset lifecycle and have delivered 1,500mW of IT load of mission critical data centre space in every continent. Our 100% record of repeat business is testament to the quality of our solutions and we nurture the strength and longevity of our client relationships.

What have been the biggest challenges the industry has faced over the past 12 months?

Our recent European wide survey highlighted concerns that a shortage of sufficiently qualified professionals at the design and build stages will cause a bottle neck, with 64% of data centre users and experts believing there is a lack of skilled design and delivery resource.

And what have been the biggest opportunities?

As we see the greater adoption of the Edge there will be deployments of much smaller facilities on a multiple scale. We see that as a real opportunity as it is about managing an ongoing and overarching programme rather than a single project. While the hyperscalers will still be there, we believe this change will start to redefine a data centre going forward. The edge of the network will continue to be at the epicentre of innovation in the data centre space and we are seeing a strong increase in the number of clients coming to us for help with the development of their edge strategy and rollouts. 

What is the biggest priority for the industry in 2020?

The industry will continue to come under pressure from a resource perspective, there is a real lack of new talent coming to the market. We’ve got to start training and become ambassadors for the industry by going in to universities and telling STEM graduates about the data centre industry and how great it is – it’s an exciting place to be and we have to get out there and spread the word. Going into 2020, this issue will become more acute.

What are the main trends you are expecting to see in the market in 2020?

Into 2020 we expect distributed cloud infrastructure to drive edge computing. Allied to the advent of 5G, Edge will start to gain real traction as organisations require near-instant access to data and computing power to serve their customers, and they are increasingly looking to edge computing to provide a suitable infrastructure.

What technology is going to have the biggest impact on the market next year?

The adoption of serverless computing. Serverless computing is predicted to be one of the biggest developments in the cloud space, however, the serverless transition would require a strategic approach. Moving to serverless infrastructure requires an overhaul of traditional development and production paradigm, meaning outsourcing the entire infrastructure to the cloud

In 2023 we’ll all be talking about…?

We will be talking about high-speed mobile internet, artificial intelligence, big data analytics, and cloud technology which are set to spearhead companies’ adoption of new technologies and they will look to machine learning and augmented and virtual reality for considerable business investment.

Which person in, or associated with, the industry would you most like to meet?

The person at CERN who one day thought ‘we haven’t got enough compute power, I know, let’s ask the world if we can borrow their unused processing capacity’, along with downloadable books, one of the first examples of an embryonic cloud.

What’s the most surprising thing you’ve learnt about the sector?

When I first entered the sector, certainly for the first 15 years, it was very conservative with the rate of change very slow. The rate of change over the last 5 years or so has increased exponentially and what is sure one day is no more the day after. 

You go to the bar at the Security IT Summit – what’s your tipple of choice?

A cold pint.

What’s the most exciting thing about your job?

Being at the forefront of change and forging trends.

And what’s the most challenging?

Change.

What’s the best piece of advice you’ve ever been given?

A quote from Ghandi which was along the lines of ‘live as if you were to die tomorrow. Learn as if you were to live forever.’

Peaky Blinders or Stranger Things?

Peaky Blinders, you can’t beat a bit of stylised gangsterism from the black country!