SecTor 2014 – What We Learned

Last week, thousands of IT security professionals gathered in Toronto for the annual SecTor Security Conference to share compelling research and new techniques. From malware attacks to unencrypted stolen devices, data theft is rampant in the enterprise, and security solutions are, well, supposed to be the solutions. Security experts at SecTor presented on the various ways organizations can learn from past mistakes and how vendors can aid in this process.

Here are a few of the common topics we observed:

1. Security as part of the DevOps process

In the presentation, “KickaaS Security with DevOps and Cloud,” it was suggested that security be woven into the DevOps process. Development and operations includes monitoring, updating, and improving technology. As a part of this practice, security would no longer be left outdated and vulnerable.

2. Go on the Dark web

The Dark web can be accessed for good. News of the breaches appear here, as it is also the marketplace for the stolen information. Monitoring hacker activity is much like living up to the saying, “Keep your friends close, but your enemies closer.”

3. Sound the Alarm

Early detection is no good if it is not known, and IT professionals across the conference urged each other to communicate immediately at the sign of suspicious activity. Regarding the recent retail data breaches, there has been much criticism that not only are the solutions reactive, but the people in control of the solutions are withholding the information for far too long. In the session, “Asymmetry in Network Attack and Defense,” the audience was reminded that sharing knowledge is the cheapest defense.

So what was the major lesson learned here? Security processes need to start being more proactive rather than just reactive.

DevOps Cloud Security is more important than ever.

Previous Post
Another Brand, Another Breach
Next Post
Safeguarding Transactions

Related Posts

Stopping the Bleeding

Heartbleed has been big news in both the security industry and mainstream media for more than a week now.  Our partners and customers tend to be very security conscious so they have been doing their due diligence. As a result,…

RSA Conference 2014

I had the pleasure and privilege of attending the RSA security conference in San Francisco last week.  With 25,000 attendees it was the biggest RSA conference ever.  There were so many exhibitors that they opened up a second building for…

Florida Gets Serious With Data Privacy

July 1st was a big day in Florida if you’re a follower of info security news. That was the day Florida’s new Florida Information Protection Act (FIPA) came into effect and had immediate consequences for anyone that does business in…
Read more

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.

Menu