Feeds

Infosecurity is very much like...

New cliches for old

SANS - Survey on application security programs

Infosec After three days, 320 exhibitors, dozens of presentations, and even more extensive marketing guff the Infosecurity exhibition in London is over for another year. Thankfully, next year's trade show will be held in Earls Court, not in the wastes of Olympia, and so much easier to get to.

Adios Olympia

The biennial Information Security Breaches survey set one tone for the show - firms are getting better at securing wireless networks and handling malware attacks, but lost laptops and customer data breaches remain a problem. File encryption is one solution, but this creates key management problems. Hard disk encryption is a better tactic - but it is only a well-thought out alternative in cases where firms have a backup strategy in place.

Historically, firms have been worried that hard disk or software problems would leave encrypted data unavailable, an even more likely scenario than losing the damn thing.

Chris Potter, the partner at PricewaterhouseCoopers who led the survey, told us that this factor, alongside the cost issue, have kept uptake of laptop encryption low, at about eight per cent. Concerns that encryption software would slow down the operation of modern PCs were not much of a factor.

Performance issues of another kind were well in evidence during the show. Few exhibitors were running Vista on their stands, preferring XP instead - an observation first mentioned to us by Robert Schifreen, the Prestel hacker turned respected security consultant.

Microsoft, of course,extolled the virtues of Vista as superior to XP in resisting malware infestation. Separately, its report on the latest trends in use of its malicious software removal tool revealed that many surfers were content to leave adware programs on their PCs.

In the second half of 2007, 129.5 million pieces of potentially unwanted software were found on PCs, but only 71.7 million of these were removed. Microsoft, like specialist security firms, reports a big increase in the number of Trojan downloaders and droppers it detects, up 300 per cent from 2H 2006.

Infosec bunnies

Dolly birds were much less in evidence at this year's Infosec than at previous shows. Perhaps the IT security industry is bracing itself for a possible downturn in the economy? If so, it's nothing anyone at the show much wanted to discuss.

Revenge of the Autons?

Revenge of the Autons?

One of the few firms making the effort to hire artists to appear at the show was Eset, which hired a mime artist to model a robotic humanoid costume, modelled on something from a Kraftwork video, perhaps. We think it was making a reference to botnets rather than the German electro music pioneers, but since the mime artist was too professional to speak we can't be sure.

Away from the fluff, Infosec continues to attract a high calibre of luminaries from the security community. Bruce Schneier, the closest the security industry has to a rock star, made an appearance at the show, along with Howard Schmidt, former White House security advisor whose extensive career spans spells at eBay and Microsoft.

Schmidt

Schmidt: one of the net luminaries at Infosec

Schmidt told us how the US was far ahead of the UK in collating incidents of cybercrime. And he said the amalgamation of the UK's National Hi-Tech Crime Unit two years ago into the larger, less specialist the Serious and Organised Crime Agency was a step backward.

The Metropolitan Police's head of e-crime, Detective Supt Charlie McMurdie, is still waiting for the Home Office to approve plans to create a central e-crime unit in the UK.

Cybercrime has never been high up the agenda at the Home Office, except when it talks about the need for ID cards as a supposed counter-measure against ID fraud. So it's unsurprising that approval for this modest, well-thought out proposal has been a long time coming. Some delegates at Infosec suspect that ministers perceive a central e-crime unit as a u-turn, and may be blocking its formation.

Talk about information security has always been laden with cliches. The favourite of yesteryear -security as a journey not a destination - has fallen out of fashion. These days you're more likely to hear people compare information security with brakes on cars, a feature that allows autos to be driven fast, we heard that at least three times in various presentations. Thankfully, our conversations down the pub were spared of such remarks.

Now if you'll excuse me I have to motor off. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.