A Double Dose of Debate at May’s RANT Forum

In Common | By Angus Batey / 22nd July 2014

You lucky, lucky people. Not only is RANT gearing up for its second annual day-long conference in a couple of weeks (details here – and sign up soon, it’s nearly full), but this month’s regular RANT Forum offers a double helping of information-security plain-talking, as two experienced and respected professionals tackle a different hot-button topic.

First up will be Geordie Stewart of Risk Intelligence, whose presentation may well prove unusually provocative, even for an event that takes a certain amount of good-natured needling in its stride. Stewart’s RANT unpicks what may be the key question for the industry arising from the Edward Snowden leaks. The scale of state surveillance described in the documents Snowden passed to the press can only have been possible with, at the very least, the turning of many blind eyes by large numbers of security professionals. This is an industry with bodies designed to safeguard ethical principles, to facilitate the reporting of illegal activity, and to maintain public trust and confidence: so what has been going on? Has the profession lived up to its aspirations, or has it fallen well short? And what does the future hold for co-operation between the security industry and the state?

The second speaker has his own views on the post-Snowden world, but the content of Trustwave SpiderLabs Director John Yeo’s RANT is focused on practicalities rather than policy. Yeo’s presentation promises to be no less engaging than Stewart’s: it is based on his company’s 2014 Global Security Report, published this week (and available to download here), which, Yeo tells the Acumin Blog, may prove uncomfortable reading for some in the infosec world.

“The Report comes from our incident-response/digital-forensics investigations,” he explains. “It talks a little bit about some of the things that occur during a breach – what organisations get wrong, how they end up getting breached, what a breach looks like, what tools and techniques some of the bad guys are using. Because there’s so little information shared with organisations who do suffer these data compromises, there’s very little out there that can help individuals who are tasked with protecting their extended enterprise to learn from the unfortunate mistakes of others.”

Trustwave’s data are, of course, anonymised – so if you’ve suffered a breach yourself and have had to call on them to help, there’s no need to shuffle uncomfortably and look at your shoes while John is speaking. “We won’t be looking in depth at any one breach, and I’m certainly not going to be talking about investigations or naming any customers,” he stresses. “But I’ll be looking at some of the aggregate statistics that help explain what organisations do well, or not so well, when it comes to responding to a breach.”

One of Yeo’s key themes will be that one size never fits all. Enterprises need to assess their exposure to the different kinds of data-breach risk before they can take meaningful steps to protect their information: if you’re not a government department or a defence/aerospace contractor, you probably don’t need to spend a lot of time and money defending against advanced persistent threats, and unless you’re a multinational conglomerate or you exist primarily to make political points, you’re probably not going to attract the malicious attention of hacktivists. But one category of cyber crime is fairly pervasive – and it may never have been more timely to discuss it, within days of the announcement of the massive eBay data breach.

“The area we’re focused on, and where we spend most of our time with the investigative side of things, is financially motivated cyber crime,” Yeo says. “But it’s important to get across that financially motivated criminals don’t only care about payment-card data. They love that because it’s easy to turn into cash, but any type of personally identifiable information is valuable to them, because it’ll either lead on to identity fraud, or it will increase the value of other types of data.”

After last month’s jaunt to Earl’s Court, we’re back in our usual City of London venue again on Wednesday (May 28th), with a free bar and food and all the usual banter and networking that goes on at the RANT Forum. Doors open at 5:30 with the presentations kicking off at 6:30. Admission is free but advance booking is essential: please contact Donna Wreathall on +44 (0) 7585 705 438 and/or dwreathall@acumin.co.uk to reserve your place.