SecTor 2014 – What We Learned

Last week, thousands of IT security professionals gathered in Toronto for the annual SecTor Security Conference to share compelling research and new techniques. From malware attacks to unencrypted stolen devices, data theft is rampant in the enterprise, and security solutions are, well, supposed to be the solutions. Security experts at SecTor presented on the various ways organizations can learn from past mistakes and how vendors can aid in this process.

Here are a few of the common topics we observed:

1. Security as part of the DevOps process

In the presentation, “KickaaS Security with DevOps and Cloud,” it was suggested that security be woven into the DevOps process. Development and operations includes monitoring, updating, and improving technology. As a part of this practice, security would no longer be left outdated and vulnerable.

2. Go on the Dark web

The Dark web can be accessed for good. News of the breaches appear here, as it is also the marketplace for the stolen information. Monitoring hacker activity is much like living up to the saying, “Keep your friends close, but your enemies closer.”

3. Sound the Alarm

Early detection is no good if it is not known, and IT professionals across the conference urged each other to communicate immediately at the sign of suspicious activity. Regarding the recent retail data breaches, there has been much criticism that not only are the solutions reactive, but the people in control of the solutions are withholding the information for far too long. In the session, “Asymmetry in Network Attack and Defense,” the audience was reminded that sharing knowledge is the cheapest defense.

So what was the major lesson learned here? Security processes need to start being more proactive rather than just reactive.

DevOps Cloud Security is more important than ever.

Previous Post
Another Brand, Another Breach
Next Post
Safeguarding Transactions

Related Posts

The importance of partners

Go to market strategies for vendors varies in approach whether it’s entirely direct, indirect or an amalgamation of both. WinMagic adheres to a hybrid approach that best matching the requirements of the customer or business practices within a given region.…
Read more

Rethinking Data Security for the Public Cloud

For many, Cloud is a buzzword floating through cyber space. It is all too common to hear stories of data being compromised due to insecure Cloud hosting, spawning critical audit sweeps and apologetic corporations responding to upset customers—Yikes! (more…)
Read more

An offer you can’t refuse

This post is going to be a lot of shameless self-promotion for WinMagic but it’s something we think is important as it’s tied directly to the recent launch of SecureDoc 6.1. (more…)

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.

Menu