"Time to take the blame away from the users" explained Andrew Gogarty, Chief Security Evangelist of Secon Cyber during the IET Central London Network lecture hosted at IET Savoy Place - a statement that everyone in the audience was able to relate to.
So, is it really that the users who are to blame? Well, yes …to a point. We need to start with what makes a User! A company can be the user of a system to automate activities, an employee can use company systems to perform their duties, or a consumer can interact, as a user, with a system for a service.
Cyber security solutions can be reactive or preventative, they should be able to enforce minimum salient features of security best practice controls to administer organisation policies, yet some value based brands are still finding themselves unable and confused to introduce basic checks. What’s fuelling this carelessness?
Andrew talked about how the perimeter based systems have gone through transformation to better interact in a globalised world, and with new real time technologies, like 5G, most platforms have entered mobalisation stage already, which means security controls should have also transformed..
Andrew talked through some good comprehensive solutions that everyone can implement, with explanations on how to Detect, React and Account for attacks. Basics such as, always prepare for the worst and know what plan to invoke if you do get hit were talked through. Start by asking, what are the likely types of attacks that your business will face?
If your users are constantly triggering your security alarms, you need to ask yourself, is there such a thing as a bad student? or are your security awareness campaigns not promoting the correct security controls?
The Q&A session was particularly interesting as the audience participation allowed some complex questions to be discussed, from chipset security design, lack of standards for manufactures to follow and A.I opportunities. During Q&A it was suggested that we should not trust some well-known platforms (vendors) and conspiracy theories were mentioned on who might be creating malwares which come into the marketplace ...‘Professor Tech’ did it in the ‘Data Center’ with a ‘Keyboard’ !
Event slides can be downloaded here.
Cyber security solutions can be reactive or preventative, they should be able to enforce minimum salient features of security best practice controls to administer organisation policies, yet some value based brands are still finding themselves unable and confused to introduce basic checks. What’s fuelling this carelessness?
Andrew talked about how the perimeter based systems have gone through transformation to better interact in a globalised world, and with new real time technologies, like 5G, most platforms have entered mobalisation stage already, which means security controls should have also transformed..
Andrew talked through some good comprehensive solutions that everyone can implement, with explanations on how to Detect, React and Account for attacks. Basics such as, always prepare for the worst and know what plan to invoke if you do get hit were talked through. Start by asking, what are the likely types of attacks that your business will face?
If your users are constantly triggering your security alarms, you need to ask yourself, is there such a thing as a bad student? or are your security awareness campaigns not promoting the correct security controls?
The Q&A session was particularly interesting as the audience participation allowed some complex questions to be discussed, from chipset security design, lack of standards for manufactures to follow and A.I opportunities. During Q&A it was suggested that we should not trust some well-known platforms (vendors) and conspiracy theories were mentioned on who might be creating malwares which come into the marketplace ...‘Professor Tech’ did it in the ‘Data Center’ with a ‘Keyboard’ !
Event slides can be downloaded here.