Feeds

Infosecurity is very much like...

New cliches for old

Intelligent flash storage arrays

Infosec After three days, 320 exhibitors, dozens of presentations, and even more extensive marketing guff the Infosecurity exhibition in London is over for another year. Thankfully, next year's trade show will be held in Earls Court, not in the wastes of Olympia, and so much easier to get to.

Adios Olympia

The biennial Information Security Breaches survey set one tone for the show - firms are getting better at securing wireless networks and handling malware attacks, but lost laptops and customer data breaches remain a problem. File encryption is one solution, but this creates key management problems. Hard disk encryption is a better tactic - but it is only a well-thought out alternative in cases where firms have a backup strategy in place.

Historically, firms have been worried that hard disk or software problems would leave encrypted data unavailable, an even more likely scenario than losing the damn thing.

Chris Potter, the partner at PricewaterhouseCoopers who led the survey, told us that this factor, alongside the cost issue, have kept uptake of laptop encryption low, at about eight per cent. Concerns that encryption software would slow down the operation of modern PCs were not much of a factor.

Performance issues of another kind were well in evidence during the show. Few exhibitors were running Vista on their stands, preferring XP instead - an observation first mentioned to us by Robert Schifreen, the Prestel hacker turned respected security consultant.

Microsoft, of course,extolled the virtues of Vista as superior to XP in resisting malware infestation. Separately, its report on the latest trends in use of its malicious software removal tool revealed that many surfers were content to leave adware programs on their PCs.

In the second half of 2007, 129.5 million pieces of potentially unwanted software were found on PCs, but only 71.7 million of these were removed. Microsoft, like specialist security firms, reports a big increase in the number of Trojan downloaders and droppers it detects, up 300 per cent from 2H 2006.

Infosec bunnies

Dolly birds were much less in evidence at this year's Infosec than at previous shows. Perhaps the IT security industry is bracing itself for a possible downturn in the economy? If so, it's nothing anyone at the show much wanted to discuss.

Revenge of the Autons?

Revenge of the Autons?

One of the few firms making the effort to hire artists to appear at the show was Eset, which hired a mime artist to model a robotic humanoid costume, modelled on something from a Kraftwork video, perhaps. We think it was making a reference to botnets rather than the German electro music pioneers, but since the mime artist was too professional to speak we can't be sure.

Away from the fluff, Infosec continues to attract a high calibre of luminaries from the security community. Bruce Schneier, the closest the security industry has to a rock star, made an appearance at the show, along with Howard Schmidt, former White House security advisor whose extensive career spans spells at eBay and Microsoft.

Schmidt

Schmidt: one of the net luminaries at Infosec

Schmidt told us how the US was far ahead of the UK in collating incidents of cybercrime. And he said the amalgamation of the UK's National Hi-Tech Crime Unit two years ago into the larger, less specialist the Serious and Organised Crime Agency was a step backward.

The Metropolitan Police's head of e-crime, Detective Supt Charlie McMurdie, is still waiting for the Home Office to approve plans to create a central e-crime unit in the UK.

Cybercrime has never been high up the agenda at the Home Office, except when it talks about the need for ID cards as a supposed counter-measure against ID fraud. So it's unsurprising that approval for this modest, well-thought out proposal has been a long time coming. Some delegates at Infosec suspect that ministers perceive a central e-crime unit as a u-turn, and may be blocking its formation.

Talk about information security has always been laden with cliches. The favourite of yesteryear -security as a journey not a destination - has fallen out of fashion. These days you're more likely to hear people compare information security with brakes on cars, a feature that allows autos to be driven fast, we heard that at least three times in various presentations. Thankfully, our conversations down the pub were spared of such remarks.

Now if you'll excuse me I have to motor off. ®

Intelligent flash storage arrays

More from The Register

next story
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...
FYI this isn't just going to target Windows, Linux and OS X fans
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Home Office: Fancy flogging us some SECRET SPY GEAR?
If you do, tell NOBODY what it's for or how it works
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
Syrian Electronic Army in news site 'hack' POP-UP MAYHEM
Gigya redirect exploit blamed for pop-rageous ploy
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.