For good cybersecurity, knowledge is power

What a difference a year makes. This time 12 months ago, businesses and individuals were beginning to return to normal life, travelling to the office, to venues and more.

It was a time of optimism for those in the physical world as two years of being confined to homes ended. Yet while the real world felt normal again, the digital landscape was anything but.

Technology only dwells on normal for a short time and the complexity behind security and protection only increases every day. With the challenge of figuring out the sweet spot between remote and in-office work, this problem will only increase in size.

This is much to do with the role accessibility plays and how that has changed security parameters – the average worker now needs to access services from anywhere.

What was originally confined to the office must now be accessed anywhere and the rise of threats such as ransomware and malware are only growing in sophistication.

It’s no wonder why most businesses can find it challenging to tackle cybersecurity. There are so many endpoints, apps and services to keep track of, and employees all have different access levels depending on their roles and seniority.

Demystifying that landscape is key to Renaissance’s Cyber Expo and Conference Ireland which returns to the Leopardstown Pavilion on Tuesday May 16.

The event is free to attend and brings together the entire security ecosystem together – a large collection of industry leaders, exhibitors, resellers, IT experts, and end users. All of this is brought together by Renaissance, Ireland’s leading data security distributor.

It’s designed to both inform people of the latest security technology trends and developments, and to ensure they hear first-hand from experts in the area as to how to apply it for maximum business benefit. Registration for the event is currently open and is free.

“With Covid, the traditional perimeter disappeared,” explained Michael Conway, director at Renaissance. “It means that authentication and privileged access are really important for organisations to get right.”

Renaissance has been running these events since 2017, building upon the foundations set each year to reflect the changing landscape and drive good cybersecurity practices.

Now in its new home of Leopardstown Pavilion, it held its first event there last year to cope with the ever-growing attendance from vendors and end users.

The venue can accommodate up to a thousand people and includes accessibility features to ensure anyone can attend.

It’s also an easy-to-reach location, situated just off the M50, making it convenient for those driving while being served by major transport routes like the Luas Green Line.

Keeping it digestible

The event is broken up into two main segments. Cyber Conference Ireland will feature case studies on companies from different industries using security technology to help augment and protect their assets, while allowing flexibility for future changes.

The other segment is Cyber Expo Ireland, which will showcase vendor technologies including Admin By Request, Alludo, Augmentt, Bitdefender, Bullwall, Energy log server, EXO5, Filecloud, Fortanix, Hornet, iBoss, Liverton, Macrium, Octiga, Progress, Systancia, Usecure, Veriato, WatchGuard, and Zyxel Networks.

Included in this collection are Ireland’s best Value-Added Resellers (VARs) including Auxilion, Burning Tree, Cara, DNA IT, Edge7, inspirit Vision, Integrity360, Intuity, ITMS, Leaf, Qualcom, RITS and VMGroup.

Attendees will be able to visit the booths at any point throughout the day, whether it’s to learn more information or discuss pertinent solutions.

“We give people the information and knowledge they need to deal with the challenges ahead,” said Conway. “If you look at the high-level challenges for larger organisations, major new regulations are coming up that they have to prepare for.”

Some of these new regulations include DORA (The Digital Operations Resilience Act), which will ensure the financial sector in Europe can stay resilient through severe operational disruptions.

The act sets uniform requirements for the security of networks and information systems of companies and organisations operating in this sector as well as critical third parties providing ICT services to them like cloud services and data analytics.

In short, it requires organisations to ensure they can withstand, respond to, and recover from disruption and attack and is active across all EU member states.

Conway describes the act as “not messing around” and is one example of many where companies really have to take cybersecurity seriously.

“It’s all about risk management,” he said. “They’re now all board decisions, and it’s not just about security; it’s also about compliance. You have to prove you’re compliant and that you’ve done it the right way.”

“DORA is an interesting one as the days of saying whether you’re important or not have passed. Europe will decide that, so you have an obligation to make sure your digital risk is managed.

“If it’s not, you’re liable and it doesn’t matter who was looking after it, it’s both your problem and responsibility.”

This has become more important as recent attacks on institutions make the news. The most high-profile example was the HSE ransomware attack in 2021, while more recently, MTU saw data stolen in a cyber-attack before being put up on the dark web.

While these are specific examples of attacks, Conway mentioned that as a general trend, most organisations badly affected by an attack didn’t keep up with the current threat landscape. Not being current and protected is the board’s responsibility!

“What many of these have in common is when you go back and analyse the attack and setup, typically they’re using old methodologies or technologies to protect themselves,” he said. “By using old, traditional levels of cybersecurity, they haven’t evolved and don’t realise they are now not secure.”

Finger on the pulse

Throughout the day, there will be a significant collection of talks and live sessions covering pertinent areas of cybersecurity.

This year, the keynote speaker is Paul C Dwyer, returning from his appearance last year and building upon the theme of the EU strategy covered then and asking the question: Is a global cyber storm brewing?

He will look at predicting the cyber threat landscape of 2030 based on inputs from ENISA (European Cyber Security Agency). By taking a macro view of the reality today, such as economic and geopolitical instability, it will touch upon how cybercrime is global and requires a coordinated response from the international community.

Other expert speakers on the day will include Tim Willoughby, head of innovation and digital services at An Garda Síochána, who will be discussing roadside and mobile technology as well as the work behind developing a policing service for the future.

And one session worth mentioning will be dedicated to post-cyber-attack responses. This will look at how IT professionals and staff can identify and manage a cybersecurity incident like a data breach or cyber attack as well as providing guidance on how to create and manage an incident response plan properly.

Additionally, there will be a session specifically focused for VARs and Managed Service Providers (MSPs), discussing the evolution of cyber within the modern business environment, and what that means for end-of-life technologies.

In general, the business stream discussion will cover all the major pain points an organisation faces, including specialised areas like Operational Technologies and business resilience. Even for those keeping abreast of changes, the digital space can evolve so quickly that taking your eye off it can be detrimental.

“All these areas have evolved and so too have the threats facing them,” Conway said. “The question is not just how you manage and mitigate that threat, but also how you respond to it when the inevitable happens, something that can be forgotten.”

As was the focus in previous years, the goal of the Cyber Expo & Conference is to provide an environment for Irish businesses to meet cutting edge cybersecurity vendors and get one-on-one time with them. It’s easy to check a website or Google a topic but being able to have a conversation and shape the discussion is invaluable.

The important part is that attendees are under no pressure to commit to any vendor or service; they can walk up and start a conversation with them.

“It provides an opportunity for people to meet the vendors and talk about the challenges they’re facing,” he explained. “You learn a lot by listening.”

Learning about cybersecurity can be an overwhelming experience, especially if you haven’t been keeping up with the latest trends and developments. But with that knowledge brings action. By knowing where your weak points and limitations are, you’re better equipped to address them.

The good thing is you can improve your security posture without necessarily increasing your spending, and in some cases, you can reduce it.

Yet getting to that point can be difficult so Renaissance has prioritised accessibility and openness as key features of its conference and expo. If an attendee is unsure about where to go, the Renaissance team is there to help guide the way.

“If you walk into the event, you’re not going to be able to talk to everyone,” said Conway. “If you find one of the Renaissance team, they’ll talk to you, get an understanding of your issues and challenges and use that information to guide you to the appropriate vendors and people.

“We’re a great industry for making things confusing,” he said. “It’s a global industry that makes things complicated and we try to simplify it, demystify it and take away the challenges.”

For those stuck with legacy technology and trying to stay protected, gathering information can make all the difference.

“From there, you have a goal, and you’re on a journey now to move things along,” stated Conway. “Many businesses have legacy technologies, something they bought from a few years ago and as they continue to renew it, they think they’re covered.

“Instead, you need to know where you want to be in three or five years' time and go on a journey rather than just renew something.”

The frustrating part about online security is that there’s no such thing as complete protection. Instead, you have to build up your defences to help mitigate the risk, plan your responses and how you will handle attacks and recover so you’re back on track with minimal to zero disruption.

For Conway, the aim for him and the team is quite simple.

“We’re trying to improve public awareness,” said Conway. “A successful event for us is where we managed to bring awareness and knowledge to more and more people.” Come along for free, grab a coffee, listen to a few experts, learn more, understand more and be better cyber aware.

“When attendees leave knowing more than they did when they first arrived, that’s a success to us.”

To register for free, visit cyberexpoireland.ie