Published: 4th July 2023
In June, ExCeL London hosted Infosecurity Europe, the continent’s largest cyber security and information security conference. Several members of Quorum Cyber’s team attended the three-day event, which attracted thousands of participants to hear the latest thinking from scores of presenters and panels on several stages across the venue. As a Microsoft Solutions Partner for Security, we delivered a well-received talk about data loss prevention on Microsoft’s stand during the conference.
A Catastrophic Cyber Storm is Brewing – Catalysing Global Action to Brace for Cyber Warfare
On day one of Infosecurity Europe 2023, a staggering statistic was shown to the audience on the Keynote Stage: the estimated cost of cybercrime in 2022 was US$7 trillion.
Governments around the world are finally talking to each other about how to tackle cyber security challenges, and the topic was discussed at the latest meeting of the G7.
Although the opening session’s four panellists didn’t offer a solution to stop the cyber storm from happening, they did discuss what they think needs to be done:
- Central governments need to form a holistic strategy and a plan for critical national infrastructure
- A healthy ecosystem should be set up for public and private sector organisations to discuss shared challenges and a framework agreed for sharing information; executives should be responsible for sharing valuable information cross-company and cross-industry
- The law needs to make it less attractive for threat actors to commit cybercrimes
- The private sector needs to develop a culture of cyber resilience, prepare for the worst-case scenario and standardise approaches across sectors and businesses to level up their defences
- Companies need to be more consistent with their cyber security maturity and ensure the board of directors has knowledge and experience of cyber security
Asked for their opinions on the matter, the majority of audience members thought that too many of their boards don’t have enough cyber security knowledge and they don’t discuss the challenges regularly enough.
Wrapping up, the panel advised the audience to:
- Conduct tabletop exercises and worst-case scenario planning
- Test security plans as realistically as possible
- Make cyber security part of business as usual; ‘normalise’ it
- Move from a cyber security strategy to a cyber resilience strategy
In this panel session, Simon Newman from the Cyber Resilience Centre for London said that basic cyber hygiene is actually getting worse. It’s taken a huge investment to prevent attacks over many years, and the number has finally plateaued. He feels that the industry needs to “demystify the language of cyber security” and talk the same language as business. He added that governments should do better at applying legislation, and that we should all “focus on the benefits of cyber security”. He stressed that boards understand what their business is up against when cybercriminal groups are described as “another business trying to make as much money as possible.”
Valerie Abend of Accenture listed five things that security professionals do wrong when talking to boards:
- Talk tactics
- Feel overconfident that the business won’t get attacked
- Show too much data but don’t tell a story
- Silo cyber security away from the rest of the business
- Don’t ask the board questions
“Security teams need to do better at speaking the language of the board, and helping the board keep up to date with matters.”
Deborah Haworth of Penguin Random House UK explained that many security teams don’t understand the role of the board and who does what. She advised that the security conversation isn’t a one-off, it’s ongoing. Security teams need to make the board care about security.
Paul Midian of easyJet advised that, when talking to boards, security teams need to find the best ally as a way to communicate to the rest of the board members. He underlined the need to work with supply chains to strengthen the weakest links and security overall.
The Cyber Security Landscape: The 360 View of Start-ups, Industry and Government
Saj Huq of Plexal and a member of the UK’s new National Cyber Advisory Board said that stagflation, heightened geopolitical risks and tense relations between the US and China are adding to the complexities of the threat landscape. There are strong signs that some cybercriminal groups are collaborating with nation-states.
Countries are jostling for strategic advantage in technology.
He advised companies to move away from “point security” to “holistic security”. He feels that governments must do more to support tech pioneers and innovators.
Calling for an Intergovernmental Regulatory Consensus on Rapidly Evolving Technology
In this two-person fireside chat, Emmanuel Keller of the Cybercrime Centre at Europol and Peter Stephens from the Organization for Economic Cooperation and Development (OECD) explained what their teams do to help fight cybercrime.
Europol has supported cross-border investigations, the arrest of criminal groups such as Hive and the taking down of underground marketplaces, and has identified and prevented future attacks.
Both Emmanuel and Peter urged businesses to engage with their organisations, increase dialogue, share information and collaborate. Emmanuel stressed that the private sector, at the frontline of cyber-attacks, has a lot of useful information to help track down criminals and prevent breaches – so it can be a big part of the solution.
Peter emphasised that there is a genuine risk of something dreadful happening in the cyber world if private and public organisations don’t work better together.
Women in Cyber – Danni Brooke
On day two, the morning’s Women in Cyber event attracted a large turn-out who heard interesting insights from Danni Brooke, a former undercover Metropolitan Police Officer. She discussed how she moved from being an investigator into owning a cyber security company. Diving into real-life stories about her previous profession, she spoke about dealing with unscrupulous people while working in covert operations and getting out of some very scary situations. After years of interacting with the “worst kind of people” and being in several “life-threatening situations” she decided she’d take a break to spend more time with her family.
While on temporary leave, she learned about open source intelligence (OSINT) and how a lot of things she’d done in person and risked her life for, she could have achieved with the use of digital technology. This is when she turned her passion into running a cyber security firm.
Making the Most of Open Source Intelligence to be Risk Aware – not Risk Adverse
As an account executive for EMEA, Kevin Tongs discussed the use of the word ‘Risk’ and what it meant to him. “Is there such a thing as a risk appetite?” He spoke about the different definitions of the phrase ‘risk appetite’, one of which is ‘The amount and type of risk an organisation is willing to take while pursuing its objectives’.
Kevin spoke about the cyber risk equation:
Risk = ((intent × capability) – mitigation + vulnerability) × impact
where intent × capability = threat.
Quorum Cyber at Infosecurity Europe
Quorum Cyber was at the conference in force, with a number of its team members attending across all three days. It was great to meet up with customers, partners and the wider cyber security community. Tim Harrison, our Principal Consultant for Compliance, delivered a great talk on data security and the power of Microsoft Purview on the Microsoft Security stand on day two (see below for an overview of Tim’s talk).
“Infosecurity Europe is the leading cyber security conference which delivers insightful and thought-provoking talks across a wide range of topics, with AI being a particularly popular topic this year,” says Customer Advocacy Director Ciara Mitchell, who attended all three days. “For Quorum Cyber it was a great chance to catch up with our peers across the cyber community, our customers and partners.”
Data Security: Understanding the value of Data Loss Prevention
Tim Harrison, Quorum Cyber’s Principal Consultant for Compliance, delivered a very well-received presentation on Microsoft’s stand in the centre of the ExCeL exhibition hall.
He started his speech by explaining what a data loss prevention event is. “How many data breaches have there been in the last 12 months?” He stressed that 88% of data breaches are caused by human error. Data is leaked in many ways, including through human error and bad business processes. It’s also lost by malicious intent via email, Teams chat and files, USB, printing, Bluetooth and website pasting – the list is extensive!
Focusing on which data is important for a company, Tim discussed Microsoft’s data loss prevention (DLP) technologies. Why should companies choose Microsoft Purview for DLP? He explained that Microsoft Purview is the only platform that is fully integrated into the Microsoft ecosystem, that can connect to all channels in Microsoft 365 and can prevent data loss from other platforms when rights management is in use.
“DLP is deployed in stages in partnership with communications and awareness teams, to ensure business isn’t disrupted and user awareness is increased, while new preventative controls are brought online,” explained Tim. “DLP events can be analysed and processed from the Microsoft Purview portal, and further detailed analysis can be performed in the Microsoft Defender portal.”
Tim finished the session with a live demo – complete with audience participation – to show how highly sensitive content is prevented from being sent outside of the organisation.