Tag Archives: data breach

From the old to the new in tackling information security

Haydn Tarr
IT Service Development Manager
The University of Chichester
Report provided to colleagues at the University of Chichester’s IT, Library and Customer Service departments

InfoSecurity Europe Conference 2018

Overview

UCISA offer a bursary to attend conferences in fields relevant to HEI support staff. I have always held a strong interest in attending InfoSec Europe and the bursary presented a perfect opportunity to attend this year. InfoSec Europe is an annual conference which holds a strong focus on cyber security technology developments. This report will disseminate my findings from the conference and draw relevance to the University of Chichester.
InfoSec was split into two formats:
My visit to InfoSec Europe focussed on the sessions it offered and discussing these topics with other visitors concerned with cyber security. There were a number of themes which were touched on regularly.

Theme 1: Cyber security prevention and training

There are varying techniques used for protecting company data from cyber-attacks. I found at the conference that commercial organisations have mainly focussed on preventative measures, e.g. firewalls, email protection, blocking users, etc. These measures do help to mitigate the risk of data breach and infection, but paradoxically reduces this workforce’s awareness of the type of threats and techniques used by attackers to exfiltrate sensitive data.
Organisations are now becoming increasingly aware that this is no longer enough, and the focus is now on training and building awareness amongst the workforce in a bid to reduce the likelihood of a data breach by exposing potential threats to staff. A general message surfaced from the seminars I attended, which was that the workforce can be the biggest asset in preventing cyber-attacks. Some organisations harness this by raising awareness and sustaining a culture where staff are encouraged to report breaches. From the opposite end of this view, other antiquated strategies are in place to prevent the workforce from even coming into contact with potential viruses and untrusted emails in the first place.
A personal takeaway is that a balance needs to be struck between the two, in which I personally feel that the University has an advantage. I observed in other organisations that training initiatives tend to be a temporary notion. Both prevention and training are a continuous development, which will adapt with emerging security vulnerabilities.

Theme 2: Blockchain

Many tech vendors in attendance at InfoSec Europe are associating themselves with Blockchain, and building this into their research and development plans for future protection technologies. In recent months we have witnessed the rise and fall in media coverage (and value!) of Bitcoin. Blockchain, which Bitcoin transactions operate upon, is a transferrable technology which can be adapted to other types of digital transactions in making them more secure.
One technology I found interesting and could offer some value in the future was the use of Blockchain to provide an improved assurance of personal identity. By using Blockchain as a way of decentralising identity, more control can be put into the hands of the individual in how they share their information with other individuals and organisations. These parties can then have more confidence that the holder of this identity, is who they say they are. This could also offer the individual complete power in what specific information that they share throughout various online services, institutions, government portals, etc.

Theme 3: The old tricks still work

Traditional exploitation techniques such as email phishing, SQL Injection and other attacks have been used for almost two decades and are continuing to grow in adoption by adversaries. The rise of IoT (Internet of Things) is partially to blame for this as the surface area of potential vulnerabilities continues to grow. These vulnerabilities could be considered as older consumer electronics, connected to the internet but using old software and firmware, are unlikely to be updated. This becomes particularly problematic in the critical infrastructure industry where I witnessed a live hack on a maritime GPS navigation system. Bringing this back to the local environment, the necessity to maintain a patching programme across the University estate with a growing number of connected devices, has never been more critical.

The University is protected in every area on the network by various prevention solutions. Despite these, there is still a risk of infection or data loss due to persistent attacks which could circumnavigate these techniques such as email phishing or social engineering. These methods are still the oldest trick in the book, and at the University with a growing number of staff, this problem continues and is generally acknowledged throughout commercial and other organisations.

Theme 4: Artificial Intelligence and Machine Learning

These terminologies are often used to describe the next generation of learning ability in computer software. We are yet to reach the state where artificial intelligence achieves its true meaning. Machine learning, however has a big part to play in some of the advances in cyber security. Vast amounts of logging data is collected on a daily basis at the University and throughout other organisations. This logging data can be used for troubleshooting isolated technical issues and security events. Cyber security vendors are beginning to respond to this accumulation of logging data positively, by investing in machine learning R&D. Future developments could enable security technologies to learn behaviours and trends from the accumulation of collected logging data. This could help an organisation’s security posture to evolve in a more effective way to prevent and mitigate cyber-attacks. Vendors are advising that the sheer volume of data that is collected now, can be useful in the future – however, everyone needs to be mindful of GDPR.
Interviews with the keynote speakers from the conference are available along with presentations from the event.
Interested in finding out more about a UCISA bursary, then visit UCISA Bursary Scheme.