Insights | Integrity360

4 Things We Learnt from Infosec 2022

Written by Integrity360 | 05 July 2022 10:12:46 Z

A couple of weeks ago, London’s ExCel brought together all corners of the information security industry for Europe’s largest gathering, InfoSec 2022 hosted from June 21st to 23rd, 2022. The event hosted a wealth of security vendor booths spread out across the exhibition halls, nearby hotels and even on a yacht, with day two finally bringing in the crowds of delegates.

Integrity360 also made its way to visit InfoSec 2022. On the second conference day, we held our very-own event alongside the three-day conference. Our clients were able to enjoy an energising breakfast buffet at the nearby restaurant Top Forever 1 that overlooked the sun-glittering docks. This first pitstop allowed them to fuel up for a long conference day, meet with their account managers or even our Head of Product to catch-up about their cyber strategy over a breakfast roll and a strong cup of coffee

The InfoSec 2022 Breakfast Energiser was a success with dozens of our clients taking up on the opportunity before proceeding to the ExCel centre, just as we announced our new partnership with zero-day security intelligence platform Deep Instinct.

Integrity360 now offers the Deep Instinct’s platform alongside other complementary technologies, allowing it to provide a multi-vendor solution to our customers from a single, skilled service provider.

Our team consisting of Head of Product, Brian Martin, Partner Manager Stewart Grant and Marketing Manager Lisa Bruecher stopped by Deep Instinct’s InfoSec booth to kick-start the conversation of potential ways to integrate their EPP platform into our managed services.

When it came time for the event, there was more than enough content to tide over security teams for the rest of this year. Below, we’ve looked at the top four things we learned at InfoSec 2022. 

What happened at InfoSec? Key discussions 

Out of all the topics discussed at InfoSec 2022, the bulk of discussions focused on mitigating the cyber skills shortage by building a strong security awareness culture, an area that our Head of Product, Brian Martin has written and spoken extensively on

Other topics making the rounds at InfoSec 2022 were largely around the continuous risks posed by hybrid working, ransomware, and geopolitical conflict, and the role threat prevention and detection, and cybersecurity at the business level have in mitigating these risks. 

Of course, there was also plenty of interest in cloud security and Cloud Native Application Protection Platforms (CNAPP), with large and emerging vendors attending including Palo Alto, Crowdstrike, Ermetic, Orca, Lacework, Qualys, Snyk, Sonatype, Splunk and Trend Micro.

 

Top 4 trends emerging from InfoSec 2022

1. Using security awareness to bridge the cyber skills gap 

With the cyber skills gap totalling 2.72 million professionals last year, more and more organisations are turning to security awareness training to make up the shortfall. 

For these companies, improving the security awareness of employees with regular training alongside phishing simulations can teach employees how to follow security best practices and decrease the risk of a data breach in the first place.

On the other hand, a company would need to consider outsourcing managed security services to a trusted specialist which helps reduce the pressure and takes a huge load off the in-house security team.

Find more about our managed service offering here.

 

2. The continuous risks of hybrid working 

Another key trend from the event was that hybrid working presents continuous risks to enterprises. No longer are employees working in well-maintained and tightly monitored on-site networks, they're increasingly using personal devices to log in. 

In this environment, security teams don’t have 100% visibility of what's connected to their network, and these blind spots present big security risks. While enterprises can take steps to mitigate vulnerabilities, to some extent organisations need to tolerate these risks. 

Research shows that 73% of organisations believe information security teams must tolerate a higher level of acceptable risk in a hybrid, work-from-anywhere environment. 

3. Threat prevention and detection 

For security teams in particular, InfoSec 2022 highlighted that threat prevention and detection should be a top priority. Today’s organisations not only need to be prepared to prevent potential security events from taking place but also require the ability to react quickly in those scenarios where preventative controls fail. 

Out of all cybersecurity tools emerging, Managed Detection and Response (MDR), Extended Detection and Response (XDR), and Threat Intelligence are emerging as key solution categories to empower security teams to detect malicious activity at speed. 

However, these still need to be combined with ongoing 24/7 network assessments so that security analysts can identify potential entry points to the organisation and mitigate them. 

4. Ransomware 

Speakers at InfoSec 2022 conference were also quick to highlight that ransomware is set to remain one of the top threats facing enterprises, with ransomware attacks increasing by 13% over the past year. 

With the ransomware-as-a-service (RaaS) economy, and attackers leveraging new techniques like data exfiltration and double extortion, organisations are more vulnerable to paying out ransoms than ever before. 

This is particularly true when considering the geopolitical conflict between Russia and Ukraine has created an international cyber war that has incentivised state-sponsored cybercriminals to invest in developing the next generation of threats. 

Rethinking security in 2022 

With this year's InfoSec conference coming to a close, now is the perfect time for organisations to reflect on their current approaches to security, and the steps they’re taking to protect their data from threat actors. 

Now is the perfect time for organisations to start proactively mitigating vulnerabilities while investing in detection and response solutions to ensure their security teams have the support they need to identify and intercept threat actors wherever they may be in the environment. 

Want to find out how our MDR service can protect your data from cyber gangs – find out more in our MDR eBook or contact us today.