Technology / 5 quotes that sum up cyber security in 2015

5 quotes that sum up cyber security in 2015

Business Reporter recently attended The Cyber Security Show 2015, where information security experts discussed the latest trends in the industry. Here are some of the highlight points that we took away from the conference.

1. "We live in a world where cyber attacks are a fact of life."

It is often said, but in the modern world it is a matter of when, rather than if, your organisation will be forced to deal with a cyber attack. 70 per cent of firms have suffered a "significant" breach in the last year, but that does not mean nothing is being done to fight the threat.

"The threat is probably as big as it was five years ago, but that does not mean we have not had success," said one expert. "It could have been a whole lot worse if we were doing nothing."

2. "We probably cannot protect ourselves against all risks."

This means firms need to prioritise what it is most important to keep secure. "We have to work out what is important to us," said one expert. "There are certainly things that we can lose that might not be a disaster," added another attendee later in the day.

Reaction to breaches is also key. One security professional said they carry their firm's PR and legal teams' phone numbers in their wallet to they can contact them at any time, just in case.

3. "The first level of vulnerability is an organic one - people."

"Simple social engineering is a big threat but doesn't get as big a budget as foreign hacker groups," one speaker told the audience. A running theme of the event was that companies need to train staff to be able to spot potential risks that they encounter during their work.

"Ensure that everybody has a level of awareness and can spot an attack," another expert said, stressing the importance of good training. "That is probably one of the most important aspects of cyber defence. Each member of staff is a sensor on your network."

4. "You have got to have very clear links between the departments in your organisation."

Expanding on this point, one information security professional said that it is important for security teams to have a good relationship with other areas of their businesses.

"You have got to have that trust and open relationship with those people, " they said.

5. "The barriers to entry for those who want to launch cyber attacks are dropping."

Criminals and states that want to attack organisations can now choose from vast catalogues of pre-made malware, an expert explained, meaning that although the number of attacks is not increasing, they are becoming increasingly sophisticated.

"The provision of malware is now big business," another explained. "It comes with the same kind of guarantees that software from Microsoft or one of the other big software houses has."

Catch up on our coverage of The European Information Security Summit 2015.