Cloud Security Expo 2018 - a summary of GDPR, cloud apps, and ransomware
I have just returned from speaking at Cloud Security Expo 2018 in London, UK. The two-day conference is co-located with four other conferences that cover use of the cloud, big data, IOT and data centres. More than 200 vendors shared insights and case studies, educating attendees and peddling their wares.
As I walked around the frankly enormous hall of the ExCeL convention centre, the sense of desire and urgency to be ready for the looming GDPR enforcement date of May 25 was palpable. I hoped that the hundreds of attendees listening to the speakers in the “GET GDPR READY!” theatre were nearly ready or thereabouts. Perhaps now, with two months to go, organisations were making the final tweaks to their strategies or were thinking of bringing in additional visibility and insight to cloud application usage in their environment. One of my talks touched on that very topic—the slides of which should be made available in two weeks.
I was fortunate to sit in on a few of the excellent keynotes of #CSE18 and I would like to share takeaways if you weren’t able to attend.
A panel posed the question, “Ransomware: Still the biggest threat?” Moderated by (ISC)2’s Adrian Davis, the industry experts used the tried and tested risk formula of assessing impact and probability. Consensus was split across the room as to whether ransomware was still the threat to most concern businesses in 2018. Cryptocurrency mining, data breaches and insider threat were evaluated as stealing ransomware’s unenviable crown. The resulting advice to business owners was that they must own their data and be responsible for protecting it. The panel decided that, as threats change, we must be ready to adapt to the changing landscape and utilise the most appropriate solutions available to us. In addition, we must focus on the basics and get those right—user education, proactive malware detection, strong patching and a good backup procedure—nothing new there. Would you agree that ransomware is the biggest threat to your organisation?
Another keynote I heard was from the ever energetic Mikko Hypponen, whose talk revolved around IOT. With processing power becoming cheaper and devices becoming smaller, he proposed that even future “dumb” devices will become connected with the goal of collecting data (data being the new oil). It will become even more important to understand why our personal data is being collected, and how it is being used in ways far beyond advertising and social media.
Another topic during the talk was automation, widely considered at odds with what humans desire. As previous industrial revolutions reduced the need for manual labour, the next revolution (Industry 4.0 and machine learning) will cause shifts in the employment landscape. Wrapping up, he challenged the audience to think not just in terms of securing computers but securing society. Are you up for the challenge in our rapidly changing environment?
All in all, Cloud Security Expo was a great conference that I would recommend you visit if you can. The attendees came away motivated to understand their use of cloud infrastructure and applications, learned how to better choose their cloud provider and prepare for the GDPR.
See you at the next conference.