Last month, the iconic Olympia London opened its doors to over 5,000 delegates, for the 2022 International Cyber Security Expo.
With an esteemed Advisory Council, chaired by Professor Ciaran Martin CB (former CEO of the NCSC), the event combines world-class education with practical business solutions, as well as leading products and innovations.
Not ones to miss such an opportune event, our cyber security team headed down to scope out some key insights.
Here’s what they came back with…
Software Bill of Materials (SBOM) as a strategy 101
Recently emerging as a key building block in software security and supply chain risk management, a SBOM is a complete inventory of a codebase – including open source components, their license and version information, and any known vulnerabilities.
Having an SBOM is one of the most effective ways to identify impacted systems, as well as help organisations secure their infrastructure to minimise cyber security risks.
Attack tree analysis: identifying and ranking cyberattack paths
Conceptual diagrams showing how a system or target can be compromised, attack trees are an excellent tool in the world of cyber security.
Utilising telemetry data and estimates to reduce the risk of an attack, David Wiseman of Isograph Software ran through an example of a threat imposed on an automotive infotainment system – and what an insightful demo it was!
Application security – present and future
A panel of cyber powerhouses delved deeper into application security automation testing.
Specifically, the discussion focused on API security, cloud native application security, and supply chain risks – highlighting how our growing reliance upon such services have exposed users to a variety of new security risks, and exploring how to protect them from constantly-evolving threats.
Hunting the actors behind the threat
Clustering is the process of dividing entire data into groups, based on the patterns in the data – allowing experts to observe activity and identify any anomalies that could indicate a threat. Very Jason Bourne!
Zero Trust for applications and protecting yourself from zero-day vulnerabilities
Zero Trust is a hot topic for network security. Yet, many are yet to grasp its impact or understand successful implementation.
Delving into the various endpoint evasion techniques that are undetectable by most Endpoint Detection and Response (EDR) and antivirus solutions, offered some great insight into the need for such architecture in an increasingly connected world.
An insight into penetration testing
With a whistle-stop demo of penetration testing in action, attendees were encouraged to think like a hacker, and detect vulnerabilities in a sample software system.
But why is this so important?
- It shows real-world attack vectors: These could impact an organisation’s IT assets, data, humans, and/or physical security – ultimately telling you how effective your security controls are against these attacks.
- It uncovers any major vulnerabilities within your environment: Plus, it detects low-medium risks, to help you prioritise fixes and allocate resources accordingly. This is a critical part of tightening up your security posture as the vulnerabilities can lead a hacker all the way through your network to your sensitive data.
- It identifies problems you didn’t know existed: You may need to, for example, fix misconfigurations in a DNS server or a compromised web server you forgot about.
- It identifies recommended security controls: This might present an opportunity to prioritise remediation events, patch IT assets, or layer more security defences in your organisation.
- It reveals poor practices within your security team: Don’t forget the role of humans – are you missing important patches or not hardening applications and operating systems?
- It highlights your team’s strengths: A quality pen test might not only show you the weaknesses in your security posture, but also the strengths and where your team excels. This can instil your team with confidence in detecting and responding to threat actors, as well as becoming more proactive in finding hidden threats themselves, in future.
- It helps to enhance your security strategy: If you already have a solid security strategy and policies, you can show the organisation and end users how important these are. However, if your pen testers can show that human mistakes are causing the biggest gap in your security, you can reinforce the need to re-evaluate your processes.
Want to continue the conversation? Get in touch.