Skip to content

Bit9

← Back to Blog
4 May 2011

Bit9 Thoughts from InfoSecWorld

Ian Poynter

Last week, I spoke at MIS Training Institute’s InfoSec World conference in Orlando.  I also attended several sessions, keynotes and social events.  Some themes caught my attention and seemed to be on the minds of other attendees too.

  • Mobile.  Everyone is trying to understand the unique threats presented by mobile devices, but also to empower employees and customers to use them to conduct business.  Understanding the risks is fairly easy, but remediating them is quite a challenge.  I expect there to be a lot more software and services on the market in the mobile arena. I have heard that there are more than 30 mobile security startups out there. Anyone know if this is true?
  • Deploying technology appropriately.  This issue was discussed in our Data Loss Prevention panel and elsewhere: no amount of technology can solve a problem without an underlying commitment and buy-in at a business level.  With DLP, it’s critical to identify the value of information to the organization and to classify data before you can begin to protect it.  One panelist cited an example of his organization’s on-going DLP efforts for the last few years, which did not result in a technology purchase until well into the data classification phase.  That said, conducting proof-of-concept trials of new technologies allows an organization to hit the ground running when they decide to deploy a technological solution at an enterprise level.
  • Advanced Persistent Threat.  The APT is definitely on the radar at many organizations.  It’s very clear now that some malware is specifically targeted at particular organizations, and that this malware takes advantage of zero-day flaws to do its work.  There was a lot of interest in how APTs function and a lot of discussion of techniques to address them forensically.  Very often in security, new challenges require an old school approach with a different skew, rather than a completely fresh angle.  Once in a while, we need a radically different approach to address radical changes in underlying threats, and this is clearly the case with the APT.
email

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

*

* Copy this password:

* Type or paste password here:

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Notify me of followup comments via e-mail. You can also subscribe without commenting.


Our Solutions

Our Products

  • Blog

+1 617-393-7400 US