Feeds

Infosecurity is very much like...

New cliches for old

Internet Security Threat Report 2014

Infosec After three days, 320 exhibitors, dozens of presentations, and even more extensive marketing guff the Infosecurity exhibition in London is over for another year. Thankfully, next year's trade show will be held in Earls Court, not in the wastes of Olympia, and so much easier to get to.

Adios Olympia

The biennial Information Security Breaches survey set one tone for the show - firms are getting better at securing wireless networks and handling malware attacks, but lost laptops and customer data breaches remain a problem. File encryption is one solution, but this creates key management problems. Hard disk encryption is a better tactic - but it is only a well-thought out alternative in cases where firms have a backup strategy in place.

Historically, firms have been worried that hard disk or software problems would leave encrypted data unavailable, an even more likely scenario than losing the damn thing.

Chris Potter, the partner at PricewaterhouseCoopers who led the survey, told us that this factor, alongside the cost issue, have kept uptake of laptop encryption low, at about eight per cent. Concerns that encryption software would slow down the operation of modern PCs were not much of a factor.

Performance issues of another kind were well in evidence during the show. Few exhibitors were running Vista on their stands, preferring XP instead - an observation first mentioned to us by Robert Schifreen, the Prestel hacker turned respected security consultant.

Microsoft, of course,extolled the virtues of Vista as superior to XP in resisting malware infestation. Separately, its report on the latest trends in use of its malicious software removal tool revealed that many surfers were content to leave adware programs on their PCs.

In the second half of 2007, 129.5 million pieces of potentially unwanted software were found on PCs, but only 71.7 million of these were removed. Microsoft, like specialist security firms, reports a big increase in the number of Trojan downloaders and droppers it detects, up 300 per cent from 2H 2006.

Infosec bunnies

Dolly birds were much less in evidence at this year's Infosec than at previous shows. Perhaps the IT security industry is bracing itself for a possible downturn in the economy? If so, it's nothing anyone at the show much wanted to discuss.

Revenge of the Autons?

Revenge of the Autons?

One of the few firms making the effort to hire artists to appear at the show was Eset, which hired a mime artist to model a robotic humanoid costume, modelled on something from a Kraftwork video, perhaps. We think it was making a reference to botnets rather than the German electro music pioneers, but since the mime artist was too professional to speak we can't be sure.

Away from the fluff, Infosec continues to attract a high calibre of luminaries from the security community. Bruce Schneier, the closest the security industry has to a rock star, made an appearance at the show, along with Howard Schmidt, former White House security advisor whose extensive career spans spells at eBay and Microsoft.

Schmidt

Schmidt: one of the net luminaries at Infosec

Schmidt told us how the US was far ahead of the UK in collating incidents of cybercrime. And he said the amalgamation of the UK's National Hi-Tech Crime Unit two years ago into the larger, less specialist the Serious and Organised Crime Agency was a step backward.

The Metropolitan Police's head of e-crime, Detective Supt Charlie McMurdie, is still waiting for the Home Office to approve plans to create a central e-crime unit in the UK.

Cybercrime has never been high up the agenda at the Home Office, except when it talks about the need for ID cards as a supposed counter-measure against ID fraud. So it's unsurprising that approval for this modest, well-thought out proposal has been a long time coming. Some delegates at Infosec suspect that ministers perceive a central e-crime unit as a u-turn, and may be blocking its formation.

Talk about information security has always been laden with cliches. The favourite of yesteryear -security as a journey not a destination - has fallen out of fashion. These days you're more likely to hear people compare information security with brakes on cars, a feature that allows autos to be driven fast, we heard that at least three times in various presentations. Thankfully, our conversations down the pub were spared of such remarks.

Now if you'll excuse me I have to motor off. ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.