By Tony Wilson, Indelible Data Managing Director
A key theme resonating throughout the NCSC’s flagship CyberUK event was “proactive resilience” with many speakers, and vendors, using the phrase “controlling the controllables” as the key to business security.
The event brought together cyber security leaders, innovators, and policymakers to tackle the evolving threat landscape.
Richard Horne (the CEO of the National Cyber Security Centre) likened cyber security to a tennis match, where contestants must control everything that is in their power, but crucially prepare for those things that they have no control over.
Artificial Intelligence (AI) took centre-stage, but not in the way I expected. My fear was that some “snake oil” vendors would be selling their AI implementation as the new elixir, but it all seemed surprisingly realistic.
AI, after all, is good at predicting events, given the correct amount of accurate data fed to it so, conversely, it can highlight those areas where unexpected things are occurring – which is perfect for identifying cyber security related events.
Other vendors spoke convincingly of AI helping with incident response playbooks, rather than someone reading down a checklist when the bullets are flying, AI could calmly walk you through the necessary stages of your incident response plan, and even cross reference it with data provided by other companies in your sector that have previously suffered a breach.
Supply chain security remained a critical concern, with panels highlighting the interconnected nature of modern businesses and the vulnerabilities that can be exploited through third-party relationships. Scenarios where North Korean developers are masquerading as “overseas contract programmers” for the sole purpose of inserting malicious code into commonly used software, has become a reality and it is for this reason that practical risk assessment and mitigation strategies within complex supply chains were discussed.
It was great to see that Cyber Essentials was given as a practical measure to control risk in supply chains, by several key-note speakers. After the surprising statistic that more people had heard of the Cyber Aware initiative and a similar number know of 10 Steps compared to Cyber Essentials, it is clear that government is now making a real effort to increase awareness and take up of the scheme.
Keeping it real is a major requirement for Cyber Security events, and thankfully no vendor seemed to offer a “silver bullet” approach, rather the message focused on supplying something to help give us a bit more control and help us win the match.
- Indelible Data offers an elevated Cyber Essentials service including a 1-hour support call and monthly vulnerability scanning. Find out more about Platinum here
/-3.5042587517567103,%2054.70635734010168,15.5/300X450@2X?access_token=pk.eyJ1Ijoid29tYmF0Y2hyaXMiLCJhIjoiY2pqaGEyd2lzMDQ3ZDN2bWQ4OTBsa2pmayJ9.ksVq6arM13qYhr76pco33w)