Consider Cybersecurity Conferences to Identify Strategic Partners

In September I spoke at length with IT-physical security consultant Dan Dunkel, president of New Era Associates, about the role systems integrators can play in becoming a trusted cybersecurity partner with their end customers.

Achieving such a business goal — tapping into new revenue streams, and importantly, staying relevant to your end customers — begins with education and aligning with strategic partners and support resources.

These are key ingredients necessary for laying a foundation upon which to build an actual portfolio of cybersecurity services to offer current and prospective customers.

As Dunkel explained, cyber conferences — whether on a national scale such as Black Hat and RSA or regional events in your own neck of the woods — can provide the perfect opportunity to network with potential strategic partners in this burgeoning arena. There are related directories as well, such as the Cybersecurity 500, that installing security contractors can peruse to become familiar with key players, big and small.

It is in the best interest for installing security contractors, even for smaller regional providers, to consider that cybercrime can be expected to increasingly drive end-user budget decisions. Silicon Valley-based market research firm Cybersecurity Ventures, which publishes the Cybersecurity 500, forecasts global cybercrime damages will reach $6 trillion annually by 2021, up from $3 trillion last year.

Moreover, global spending on security awareness training for employees is predicted to reach $10 billion by 2027. Training employees how to recognize and defend against cyber attacks is the most under spent sector of the cybersecurity industry, according to Cybersecurity Ventures.

There’s a recent entrant to the cyber-seminar circuit for security dealers and integrators to consider going forward — the EDGE Security Conference, which was held Oct. 17-18 in Knoxville, Tenn. Organizers bill the event as being designed to educate business and technology professionals about the impact cybercrime can create, with a goal to foster a community of creative problem solvers.

While I was not in attendance, the second annual event looked to be impressive. The programming featured subject matter experts from both the private and public sectors from more than 20 different states who discussed real-world business security problems and their solutions. In a press release I received, the following top three takeaways from the conference were detailed as such:

1) Cybersecurity should be viewed as a necessity, not a hassle

If cybersecurity’s weakest link (humans) commit to stronger security, a majority of cybercrime can be thwarted. Consider: “Ninety percent of what I deal with on a regular basis could have been prevented,” said Scott Augembaum, special agent for the FBI. “And what the bad guys are doing right now is stealing email. They’re stealing the username and password, because when the bad guy gets your username and password, he gets the keys to your crown jewels. And unfortunately, since 60 to 70 percent of the population is using the same password for multiple platforms, the bad guy steals one email, such as in the Yahoo breach where the bad guys stole 3 billion Yahoo usernames and passwords. And if 60 and 70 percent of those users are using those same passwords for multiple platforms, now they’re logging in to corporate email accounts, cloud accounts, Dropbox accounts, payroll files, accounting … the list goes on. So, in my opinion, keeping email safe with two-factor authentication would solve a number of these common problems.”

2) A proactive mindset is key to keeping critical data secure

Diligence, patch management, training and planning ahead to be resilient are essential. Consider: “When companies are hit by something like ransomware and their critical data is compromised, being able to recover that data because they have a resilient backup strategy is everything,” said Tony Rucci, director of information security and threat intelligence for Information International Associates. “Most importantly, companies need to practice recovering their data to instill confidence that they are prepared in the event they become compromised.”

3) A top-down cultural shift needs to happen

A recurring theme during the conference was the promotion of C-suite executives becoming part of information security decision making. Consider: “If you think about a large company of 100,000 employees, you maybe have 100 security employees,” said Ben Johnson, co-founder of Carbon Black and co-founder and CTO of Obsidian Security. “That’s a 1,000 to 1 ratio. So, for every 1,000 people adding risk by being human, there’s one security person trying to remove risk. The more the actual employees and management get involved, the better. I do think with some of these major breaches we’ve seen recently, there have been discussions by people who are not technical at all or haven’t cared at all about security in a corporate environment, and who are now saying ‘what can I do?’ Not to say that those breaches are positive in any way, other than the silver lining might be more awareness.”

To find out more about EDGE2017, and to get updates on EDGE2018, go here.

The intent of all this is to simply provide food for thought as you plan for travel in 2018 to attend industry conferences and similar educational offerings.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Related Content

Ransomware, Supply Chain Attacks and Geopolitical Issues Complicate Cybersecurity

ISC West Announces Keynote Speaker Lineup for 2024 Event in April in Las Vegas

Genetec Shares Best Practices for International Data Privacy Day

Security Business Leaders Speak Loudly and Clearly About Key Industry Issues