Application Security , BYOD - Bring Your Own Device , Events & Conferences , Towerwall in the News ,

Information Security Summit 2016 Review: Ransomware, Application Vulnerability, Hacking as an Industry Lead our Discussion

By Michelle Drolet
23 Jun 2016

Thanks to all who attended and sponsored our 2016 Information Security Summit. It was a great turnout where we discussed a number of issues and threats facing infosec today. We were happy to see attendees share ideas and continue the discussion online with #summitbuzz16

Here are some of the topics discussed at this year’s summit:

 

Malware

Malware continues to be an ever-growing challenge for IT and Security.  Ransomware alone accounts +100,000 victims daily.

 

Online Applications

It’s not if you’ll get hacked, it’s when. So how do you respond? People, processes, and technology need to work together to address today’s security threat.

 

Governance, Risk Management, and Compliance (GRC)

While we would all like to think that our organization makes risk-based decisions, frequently it is compliance checklist items that get the most attention. We need to remember to not get caught up in just the check boxes.

 

Who are the Targets?

Employees are spearphished, rat’d and ransomware’d every day! Additionally, intranets are vulnerable, insecure and exploited daily.

 

Anti-virus is dead!

If it’s REACTIVE and it’s only 70% EFFECTIVE, what happens with the other 30% of MALWARE? Breach prevention is the key.

 

No Smartphone is secure. Not a one.

There are HUNDREDS of MILLIONS of malware downloads currently in the Google Play store, Microsoft App Store and Apple iTunes store. BYOD is a risky proposition without careful planning.

 


 

Takeaway: So How Do We Keep Our Data Safe?

  • People, processes and technology need to work together to address today’s security threat. Security frameworks and proactive risk assessments are necessary
  • Robust vendor risk assessments are necessary to do business securely with third party providers
  • Breach response readiness, planning, and tabletop exercises should be part of a comprehensive security program

 


 

Thank You and See You Again Next Year!

Finally, a thank you to all who sponsored and attended. It is through your participation that the success of our summit is possible. We are happy to report we raised funds for MassBay scholarships that will, among other things, support students exploring a career in cyber security!

Also check out:

 


 

Learn more about our Information Security Services:

 

Penetration Testing >

Network Assessment >

Application Security >

Governance, Risk and Compliance (GRC) >