The e-Crime Mid Year meeting came to an end. Following are some key highlights.
9:28 CET on the 6th October 2010 Entry written by Secunia.
Secunia attended the e-Crime Mid Year Meeting 2010, London on October 06, and Stefan Frei, Secunia Research Analyst Director, presented the topic: “Why cybercriminals do not need to target Microsoft”.
His presentation was very well received. Attendees obtained key insights regarding the fundamental failings of end-point security due to vulnerabilities in 3rd party programs, and learned more about the strategies needed to ensure that all the programs are patched and up-to-date.
The main topics covered by the other speakers in the conference were along the lines of increasing challenges for risk management, the complexity of threats, all aspects of cloud computing, and deperimeterization. A key learning from these topics is that the security landscape is ever changing and dynamic, and that there is no use for static approaches in dealing with today's threats at any level of management or operations.
In addition to the talks about the cloud computing environment such Software as a Service (SaaS), the speakers also covered further emerging paradigms, such as, Infrastructure as a Service (IaaS) and Platform as a Service (PaaS).
A few other key learning points:
Data from Verizon's Jelle Niemantsverdriets makes it clear that the external attacks significantly predominate over internal attacks. He further suggests to add the category "partners" to classify the origin of attacks, besides the common distinctions of "internal" and "external".
More than one presentation confirmed that the compromise of login credentials continues to be the most common and most critical attack vector. Jason Hart from CryptoCard illustrated this point vividly with live demonstrations by using commonly available tools and techniques.
Michael Paisley from Santander warned of the "working trap", when the process becomes more important than the objective itself.
Overall, it was worth while for Secunia to attend the conference, our sessions were well attended, and considered an eye opener by many participants.
Stay Secure Secunia
Discuss this blog entry
A new thread in our forum is created. Activate the thread by
Subject: e-Crime Mid Year Meeting London
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.