By 2025, 99% of all security breaches will be caused by customer misconfiguration under the shared cloud model
I attended the Security First Conference, which was held this month at the Aviva stadium in Dublin City. This product-led conference was well attended by a very wide range of security professionals covering all areas and at all levels. After my traditional stop at the coffee machine to take in the look and feel of this conference, I made my way around the vendor’s exhibition area.
Security First Conference comes to Dublin’s Aviva Stadium
My first stop was with Niall and Christian from Checkpoint. Their long-standing intrusion detection software has evolved into a full-suite security platform. My next stop was with the guys on the Rapid7 desk where they brought me through their full suite of services, which includes pen-testing. My journey then continued to the Netskope desk where I chatted with Jugrat. He explained his site-to-site endpoint protection product that Gartner recently accredited them for as an SSE (Security Service Edge) provider.
I made my way around the exhibition area and stopped off at the Splunk desk. Paul updated me on what’s new with Splunk since I was running queries against it. The mature logging and query provider we all know is now a full-suite provider of security products and services, which includes a SIEM product. My journey’s next stop was with Rory from Integrity360. He was at the host desk where we chatted about their holistic platform for your security needs and how solutions need flexible integration capacities in today’s threat landscape.
This theme of product integration with other companies’ product solutions was continued with Alex at the Cynet desk. He chatted with me about his lightweight agent-based endpoint solution that incorporates antivirus with threat intelligence via a single management screen.
I went to my first discussion panel was called ‘Securing Your Organization with Effective Threat Monitoring’. The general feeling was that digital consumer adoption is driving commercial decisions around infrastructure availability, rapid cloud adoption and scaling.
It is presenting security teams with unprecedented challenges at scale around the complexity of the technology stack, and the rapid expansion of the attack surface when cloud is introduced. One of the reactive growth areas noted is incident response and the process of post-incident analysis. The use of learned lessons in trying to make sure a threat does not reoccur was a key point of exploration by the panel.
Another interesting area of discussion was on-premise ‘norms’ for security teams. The security threat landscape is fast evolving with the onset of cloud solutions, hybrid cloud solutions and now the multi-cloud solution. An on-premise expectation for example is vulnerability scanning every 30 days. This is now obsolete as new exploits on average appear every 11.1 days. The need to react as a security team and patch daily is part of the new human paradigm for security teams. This means managing change in practices, habits and culture through coordinated leadership and development practices.
Another area discussed was the rise in state actor threats. This was noted as an escalation point for some hackers and hacking collectives, who are ideologically aligned with hostile states targeting host countries where the company is located. AI was not discussed in detail, but I think the evolving frequency of new exploits found, the expanded range of targets hit by bad actors and its rate of targeting can be attributed to their use of AI.
With a quick break and live demos by Cynet and RSA out of the day, my next talk was ‘Demystifying Cloud Security: clearing the Fog’ by Brian Martin of Integrity360. Brian went into his massive growth area with a prediction that traditional on-premise infrastructure spend will be outpaced by cloud-based spending within 2 years. 65% of organisations today have a cloud presence with a striking 87% of those using a multi-cloud solution.
This is where the theme of product-led development in the security industry resurfaced. The multi-cloud reality demands convergence over one or more companies integrating technical specialities into a single product solution.
On security threats, his talk confirmed that the cloud is no longer the top concern for enterprises. Cloud spending, security and resources are the 1, 2 and 3 of today’s concerns. He made a fiercely relevant point about cloud technology increasing the attack surface that a security team has to defend against. Brian confirms that by 2025, it’s estimated that 99% of all security breaches will be caused by customer misconfiguration under the shared cloud model.
That said, there is a huge wave of investment in security products with an x4 increase in focus on multi-cloud products looking to address these issues. SASE-architected SDNs supporting modern cloud technologies like Kubernetes and multi-cloud are heralded by Brian as the way forward with the convergence of security tools moving to support these latest trends. His talk was laden with such insights leaving the audience enthralled.
I made my slow exit from the event noting I was missing out on more live demos by exhibitors, along with talks on Data Security, Email Security and a keynote called ‘Hackers Inc. – an inside view of organised cybercrime, and where it goes next’. That, plus more demos and talks on Ransomware, and client experiences with security challenges led to the event closing. It was a packed event with quality content. It left me with the impression, the Security First conference will be due for a revisit to the Aviva stadium at some point in the near future.
John Mulhall @johnmlhll | john@maolte.ie is a writer with Irish Tech News for over 6 years and also Founder, Writer, and Engineer with Maolte Technical Solutions Limited. You can learn more about John and his new company at https://maolte.ie
