This year, the RSA Security Conference took place in San Francisco. During the conference, 40,000 networking, IT and security specialists came together to be completely up to date on the most relevant information concerning security.
Collaboration is ‘the key’. It is crucial to have an important interaction between businesses, security partners and the government.
Security is hot, point solutions are not!
Solving one particular problem without regard to related issues is not the way to go. If the point solution does not contribute to any further component, it will be a weak leak in the security chain.
There are of course other threats that we have to take into account such as the lack of security experts. The digitization of our society will only increase (e.g. internet of things), therefore, the number of connected devices will grow as well. The educational sector will not be able to follow this trend so it is important to cooperate!
Tips and tricks: Sharing is caring
Make sure that your employees get hands-on experience. Let them join external SOC suppliers so they can easily recognize new threats. That will be an advantage for both parties. Afraid that your employee will leave your company to go to ‘the other side’? Do not worry, look at the bigger picture! They will be specialists that can educate others so they will be able to focus on complex challenges.
Cloud Security, do not take it for granted
Do not assume that your cloud provider has everything under control. In our industry, there are just too many changes in a short amount of time. One vulnerability in cloud application may be sufficient to provide hackers to access the desired, valuable information.
Once a year won’t do it!
The technical sessions I attended on the use of the Darknet, Mobile Malware ClickJacking and what is involved in Cloud Security were very instructive. It is truly very shocking to see how easily hackers may gain access.
Always check the security of the entire chain (physical, network infrastructure, security infrastructure, applications, cloud, etc.). Once a year is not enough! Security checks should be performed on both a regular and irregular (read: unannounced) basis. The results need to be shared with the entire organization and the sector. I cannot repeat it enough: security is a process!
It was a very instructive and interesting week. It was a reminder that we, as Cyber Security Specialists are only one link in the security chain. We will definitely continue to invest in cooperation!