Data breaches, incident response and complying with the burgeoning number of regulations that have an information security impact were among the top themes at this year's Infosecurity Europe conference in London. Here are 10 of the top takeaways from the conference's keynote sessions.
Driven by the EU's General Data Protection Regulation and other regulations, as well as the move to the cloud, more organizations are turning to data classification to help them silo and protect their most sensitive information, says Tony Pepper, CEO of Egress.
When communications giant Publicis Groupe launched its GDPR compliance project, CISO Thom Langford says, "it was more a case of honing and polishing, rather than building from the ground up," thanks to its existing information security management system and complying with ISO 27001.
At three of the world's largest information security events in 2018, Information Security Media Group's team of editors conducted about 200 video interviews with industry thought leaders, who provided timely insights on important topics. Here's your guide to those interviews.
In the age of GDPR, more organizations are looking to data classification - including more automated techniques for doing so - as a way to not only help them protect their crown jewels, but in the case of a breach quickly identify what went missing, says Digital Guardian's Tony Themelis.
Much more must be done to shore up the U.K.'s national infrastructure. "It's partly austerity, and it's partly what's happening in the global economy, but we've really seen an underinvestment, specifically in the critical national infrastructure," says LogRhythm's Ross Brewer.
Old technology never dies, but rather fades "very slowly" away, as evidenced by there being 21 million FTP servers still in use, says Rapid7's Tod Beardsley. Rapid7's scans of the internet have also revealed a worrying number of internet-exposed databases, memcached servers and poorly secured VoIP devices.
The EU's GDPR is already having an impact on how organizations approach data breach detection and remediation, leading many to rely more strongly on security orchestration and automation, says Allen Rogers of IBM Resilient.
When June arrives in the United Kingdom, that means it's time for the annual Infosecurity Europe conference in London. Here are visual highlights from this year's event, which featured 240 sessions, 400 exhibitors and an estimated 19,500 attendees.
One day, organizations may be able to self-certify their GDPR compliance, says an official at the U.K.'s data privacy regulator. Regardless, experts recommend that organizations ensure they are focusing on continuous GDPR compliance and regularly testing their data breach response plans.
The annual Infosecurity Europe conference returns to London this week, with a focus on the latest cybersecurity trends and essential practices for organizations. Hot topics range from artificial intelligence and breach response to GDPR and battling cybercriminals and nation-states.
"Fake news" isn't just a political concept. It's also a component of the marketing hype about Europe's General Data Protection Regulation, says Jonathan Armstrong of the law firm Cordery. How can security leaders cut through the hype and focus on what's truly important to their business?
GDPR is in effect, and in one year, regulators will start to assess penalties against enterprises not in conformance with the regulation. How prepared are entities? Will it take a high-profile penalty to get the world's attention? Michael Hack of Ipswitch weighs in.