Quorum Cyber Summit: Cyber strategies, threats and trends

Approaching our seventh anniversary of fighting bullies and helping good people win, we were delighted to hold our inaugural Quorum Cyber Summit for many of our customers at the Virgin Hotel in historic central Edinburgh on 23rd March 2023. Compered by COO Mark Lawrence, the event’s main aim was to foster a strong sense of community spirit and togetherness among our customers and with our security partner Microsoft, and emphasise that we’re all in a race against time.

Founder and CEO Federico Charosky warmly thanked everyone for coming to the event, which he’d been dreaming of bringing to life for several years. He explained that the Summit was being held to “elevate the cyber security conversation to the business level”, to shift the overriding emotion of the industry from fear to positivity and resilience, and to bring the whole community together to tackle their common challenges as one.

“Resilience is the capability of an organisation to continue to thrive even when it’s being disrupted,” Federico said, adding that it was time for all organisations to move from a state of risk aversion to one where they could take positive business actions.

Attendees represented scores of diverse organisations from the UK’s private, public, non-profit and higher education sectors. Throughout the day they networked with their peers, watched Quorum Cyber’s demonstrations and listened to the lunchtime Lightning Talks.

Threat landscape — a review of 2022 and what to expect in 2023

Lesley Kipling, Chief Security Advisor at our partner Microsoft, presented an overview of the state of the threat landscape, acknowledging that the variety of attackers and the speed of attacks has increased, but explained that they aren’t necessarily becoming more sophisticated because Ransomware-as-a-Service had lowered the barrier to entry for less skilled cybercriminals.

While admitting she’s not a fan of the “doom and gloom” attitude, she told participants that “cyber security is a whole-society problem. The ability to work together is really important, but technology can help and it can hinder.

“Time is not on our side. Attackers change their tactics, techniques and procedures every week – we can no longer wait until after an investigation to take action.”

Customer insights: NHG’s journey with Quorum Cyber

Richard Holland, Head of IT Systems and Cyber Security at Notting Hill Genesis, told the story of his organisation’s journey since it was formed from a merger in 2017-18 to become one of the leading and largest housing providers in the country with 60,000 homes with 200,000 tenants.

“We see ourselves as a partner, not a customer,” said Richard, explaining that NHG has moved to a single security ecosystem, set up a cyber security dashboard to show key performance indicators daily, significantly improved all its security scores and reduced its operational budget by £50 to £75K. “Overall, we have moved from a log-and-flog model to an intimate relationship – we know Quorum Cyber has our backs.”

Mental toughness

The Summit wasn’t all about cyber security, technology and risk mitigation. To add a fresh perspective to our event, former World Rally driver and TV personality Penny Mallory, who is now a motivational speaker and coach, gave the keynote presentation on mental toughness. In an inspirational talk that featured clips from her driving career, stories from her numerous personal achievements running scores of marathons and fighting in the boxing ring, she stressed the one characteristic that separates champions from everyone else: mental toughness.

She described the four key aspects of mental toughness as control, challenge, commitment and confidence. “Your success will be down to your mental toughness. What will happen when you develop yours?”

Microsoft strategy & roadmap

After a break for conversations to flow, Microsoft’s Director for the Security Business Group Paul Kelly confirmed that Quorum Cyber’s moniker ‘We Fight Bullies’ is 100% aligned to Microsoft’s vision. “It’s all about feeling safe in the world, together,” he said, reminding everyone that basic cyber hygiene practices protect businesses from 98% of threats.

The company’s mission remains to protect every citizen and every organisation from cyber threats and it’s working closer with government security agencies including the UK’s National Cyber Security Centre and the UK Cyber Security Council.

Microsoft, Paul said, “wants to help businesses extend their partnerships without needing to keep retraining their team members. The company, which employs 8,500 security professionals and invests over $1 billion in cyber security annually, is aware of where threat actors will go next. It aims to design security around what threats lie ahead, and is committed to supporting its customers’ digital journeys.

Incident response focus

After the lunch break when guests could listen to our Lighting Talks (see below), it was Head of Incident Response and Threat Intelligence James Allman-Talbot’s turn on stage. He announced that 39% of UK businesses have reported suffering a cyber-attack in 2022, but that the true figure will be higher because some don’t report such crimes. “We don’t want to put the fear into people but the odds are against you,” he said. “The unfortunate reality is that you will suffer an incident at some point.

However, help is at hand. “Preparation underlines everything across your whole business, but it’s very easy to get caught up in the detection and analysis phase,” said James. Preparation for any incident, which is all about People, Process and Technology, is just like a fire drill. “Minutes really do matter, so practice the ‘fire drill’ beforehand. Make sure everyone knows their role and who to communicate to.” During a live incident, he said, “People will be stressed and they will burn out, so people welfare is critical.”

James was keen to point out that organisations that have well-tested plans in place are:

• less stressed​
• able to recover quicker​
• able to prevent breaches before the worst happens​
• actively mitigating business risk​.

“Cyber risk is business risk,” he concluded.

The geopolitics of hacking

In the final session of the day a panel of Quorum Cyber Advisory Board member Bob Hayes, Cyber Integrator for the Scottish Government Keith McDevitt, Lesley Kipling and Federico Charosky examined the threats posed by nation-state actors. “Cyber is an extension of the real world,” said panel anchor Bob. “The political interests of nations are now being pushed through the world of cyber security.”

Bob explained how security agencies around the world had recently arrested a number of criminals by breaking into communications network EncroChat and by designing and distributing encrypted messaging app ANOM, two popular digital communications tools that were used widely in the international cybercriminal network. He also explained how some individuals working for nation-state groups moonlighted for criminal gangs, sharing their skills across both types of threat actors.

One of the challenges in defending against cyber threats, Federico said, was that businesses were sometimes hit by ricochet or secondary attacks in which they weren’t the intended target. Another challenge was the commoditisation and spread of nation-states’ techniques to the wider criminal world.

Keith emphasised that businesses should be expected to defend themselves against “reasonable” threats but that government was working to help protect them from unfriendly nation-states. He said the government has stepped up its efforts to publish regular, accurate advice that businesses can act upon to increase their cyber resilience.

One of the recurring topics raised during the day was how cybercriminals might use ChatGPT and how organisations can defend against it. We’ll discuss this subject in our blog in the coming weeks and months.

Closing remarks

Just before drinks, canapés, and another opportunity for networking, Federico proudly closed our first-ever Summit by thanking everyone for their time and contribution to the ongoing conversation. “It’s not about Quorum Cyber or our portfolio of services. It’s about us all getting together, talking to people who are going through similar challenges, and facing and overcoming them together.”

On stage, he presented the first Fighting Bullies award to Clarion Housing Group to celebrate their outstanding achievements in cyber security over the past 12 months.

 

Lightning talks

We’re always keen to share our knowledge with our customers and keep them abreast of current trends in the world of cyber security and the fast-changing threat landscape that we all face together. So, in only 10 minutes including Q&A, customers made the most of the lunch break by listening to overviews of three of our key services.

Threat Intel

In his talk, titled, “Threat Intelligence: the Eyes and Ears of Cyber Security”, Threat Intelligence Analyst Craig Watt underlined the importance of any threat intelligence needing to enable organisations to take fast, appropriate action to minimising risk. He stressed that having a proactive strategy is significantly better than constantly being stuck in a reactive mode and acting in hindsight.

Advisory Services

“When you don’t know what’s wrong, who are you going to call?” This was the question that our experienced advisory and cloud engineering experts Zibby Kwecka and Karl Innes asked attendees in their talk of the same name. By failing to ask fundamental questions, security teams often miss vital information. “If your business is afraid to ask stupid basic questions then you need to find alliances outside,” Zibby said.

Data Security

Data Security Solution Director Graham Hosking shared his key points on data security and compliance. “I don’t know any organisation that knows where all their data is,” he revealed, adding, “When it comes to compliance, people and policies are key. Businesses need to define which policies they need to protect.”

 

Live demonstrations throughout the day

Attendees had ample time to meet the wider Quorum Cyber team during the Summit. Five demos were run to showcase our services.

Clarity

Our Engineering team of Kerry Finlayson and Ronald Gray gave live demos of the new features in Clarity, our unique portal that provides 24/7 visibility of what’s happening in every customer’s IT estate. They outlined the platform’s roadmap for the future.

MDR Exposed

Our Security Operations Centre (SOC) duo of Stanislav Dimitrov and Scott McManus delved into the mechanics of what constitutes a security alert. They explained how, equipped with Microsoft Sentinel, our experienced team of security analysts triage events using a mixture of machine learning and human intelligence.

Advisory Services

Customers met our experts who deliver our advisory and cloud security engineering services. From providing maturity assessments and virtual CISO support, Zibby Kwecka and Karl Innes explained how they can design your own in-house monitoring and detection platform tailored to your organisation’s operating model.

Data Security

Our in-house data security experts Tim Harrison and Graham Hosking discussed the data journey that organisations need to go on to maintain full control of data, from where it is stored to how and where it is sent, and how it is used. Covering the importance of data security strategies, the best practices in data security, and the regulatory compliance that is needed to protect data, they also addressed the challenges and advantages posed by new technologies in a hybrid world.

Threat Intel

Customer at the Summit met our threat intelligence experts James Allman-Talbot and Craig Watt to learn how enriched intelligence can help their organisation in the fight against the growing list of cyber threats.