So much data, so little time.
Information security specialists know how overwhelming it can get every now and then. Especially when you want to be a well-rounded professional.
Information overload is real, so the community becomes essential in filtering discussion topics. We do our best to make DefCamp one of these communities for you. (By the way, we’re less than a month away from the event!)
Each year, we strive to bring on board partners that not only share our values but who also get involved in teaching what they know. Ixia is one of them.
Dan Mihailescu, Senior Manager and Product Development at Ixia, A Keysight Business, shared with us his perspective on some key issues that sit at the top of cybersecurity specialists’ agenda.
It doesn’t make it easier that infosec issues have deep ramifications into every aspect of a business. Here’s a timely example from Dan:
Application security is complex and requires a layered approach. There is no singular answer to solving this problem and with a lot more legal and business implications to it, companies need to realize the importance and benefits it brings to the table.
Many people involved in infosec at all levels are attracted to work on reducing risk by fixing the issues before they’re exploited. For example, this year, regulation created pressure to take data security more seriously but data breaches keep occurring. So we asked Dan what it takes to make companies care about data exposure aside from the fear of legal consequences.
One approach that could convince companies to care about data exposure is related to the company’s image. If the need to invest in security is not there, potential incidents can label the company as not privacy conscious, which can result in a bad image and ultimately affect business.
How many data breaches have been kept from the public for months or even years?
Maybe this argument will become increasingly convincing, but hopefully not the point of choosing not to disclose breaches when they happen.
But with the massive scale of business operations, securing data and minimizing risk can feel like an uphill struggle.
Scaling security operations can result in many layers of security devices in the network, which ultimately can result in a lot of indicators and alerts. Keeping track of all of them and filtering the „noise” out can be quite a challenge.
Trying to properly filter through them is becoming increasingly difficult as time goes on, and it’s one of the aspects that keeps getting more and more complex to deal with.
That’s why companies of all sizes need help. The more complex the organization, the more pressing the need for experts such as the Ixia team.
Infosec specialists with an outsider’s perspective can go beyond business as usual and deal with the challenges who haven’t yet manifested into practice, which is sometimes considered a nice-to-have (which really is a need-to-have).
This is especially true of social engineering, that is such “a pervasive threat due to the psychological methods that exploit the human nature”.
Social engineering is surely not new and also doesn’t apply only to the online environment. Historically speaking, there have been a lot of techniques that made social engineering a threat, which makes it a pervasive threat due to the psychological methods that exploit the human nature.
The same is true of the revived issue of fake news and misinformation that’s been distorting perspectives in the past years on a never before seen scale.
During recent years, incipient steps have been taken to combat fake news and misinformation in general, but the phenomenon is far from being over. Governments need to be more involved through regulations and companies need to be more responsible in helping combat the phenomenon.
Don’t forget that fake news and misinformation can influence how regular internet users perceive and engage in securing their data. (And we have enough trouble educating the people around us about it.)
But all is not doom and gloom, of course. We’re optimists in an industry that’s used to dealing with mostly negative stuff, so we welcome examples of tech used to build the future.
That’s why, in less than a month, we’ll be on stage at DefCamp discussing how machine learning is helping to propel healthcare IoT and its implications for telehealth.
Here’s what Dan has to say about this fascinating topic:
There is research related to using Machine Learning techniques in order to diagnose health issues, and at the same time, there are proved results which show Machine Learning has less false positive diagnostics than human doctors. But getting people to trust machines when it comes to their health is a long process and telehealth could be the way that bridges towards that.
If this sparked an interest in learning more about Medtech IoT, then you can’t miss the talks at DefCamp #9, on November 8th and 9th! Secure your ticket* and see you there!
*See what we did there?
This interview was made by Andra Zaharia. You can get in touch with her on LinkedIn or say hi on Twitter.
DefCamp is powered by Orange Romania and it’s organized by the Association “Research Center for Information Security in Romania” (CCSIR).
DefCamp 2018 is sponsored by Ixia, Keysight Business, SecureWorks and Intralinks as Platinum Partners and it’s supported by IPSX, Bit Sentinel, TAD Group, Enevo, Crowdstrike, CryptoCoin.pro, Siemens, Alef, UiPath, Atos and Kaspersky Lab.