Key takeaways from Infosecurity Europe 2024

Leon Allen, Director of Cybersecurity at C8 Secure, alongside several of his colleagues in the global Continent 8 and C8 Secure cybersecurity team, recently attended Infosecurity Europe 2024. Infosecurity Europe is the UK’s premier cybersecurity event, bringing together senior leaders of the cybersecurity community to pool their expertise and tackle the pressing challenges they face daily in the information security sector.

Here, Leon shares his key takeaways from the event.

Tell us about your impressions of Infosecurity Europe 2024? What did you enjoy most about the show?

Infosecurity Europe always offers valuable learning opportunities. These come in the form of conference sessions and networking discussions with cybersecurity experts and professionals, allowing for the exchange of ideas and sharing of lessons learned from diverse practices, backgrounds and applications.

In addition, a small but appreciated observation is Infosecurity Europe’s new floor plan layout. The distinct startup, technology and networking zones made it easier to navigate the exhibition for an improved attendee experience.

While at Infosecurity Europe 2024, did you see a common themes at the event?

The event covered a wide range of relevant themes and topics that were of interest to the cybersecurity community. These ranged from AI (overload; of course!) to securing the supply chain to ransomware. Organizational-specific topics also included encouraging diversity in cybersecurity and creating a security-focused culture.

Were there any topics or specific conference sessions that were of interest to you?

I always look forward to Infosecurity Europe’s agenda as it never disappoints. I try to attend as many conference sessions as I can over the three-day period – I thoroughly enjoy all of them!

While it’s too lengthy to detail all sessions details, here are some of the highlights, notes and key takeaways from two of the ransomware and AI presentations that I attended:

Session 1: Ransomware: Time to Decide – Will You or Won’t You Pay?

• 1 billion paid in ransom in 2023!
• Skill shortage across cybersecurity remains (and is getting worse)
• There is no legislation in the UK mandating reporting of cyber ransoms
• Figuring out who’s on the other end of the table is important (e.g. do they have the decryption key or are you a victim of a ransom of a service with no real technical expertise?)
• Advice:
  • Three Ps
    • Prepare: This will happen.
    • Plan: Understand who are the stakeholders.
    • Practice: Can you use your insurance provider or managed
      security provider to perform a tabletop exercise?

Session 2: How to Win the AI Arms Race

• Projection that cybercrime will be worth 10.5 trillion dollars in 2025! (To put it in perspective, that would make it the third richest country in the world in terms of GDP)
• Threats:
  • Generative AI (targeted emails; improving virus’)
  • AI constructive programs
  • AI Red Teaming
  • Polymorphic attacks (e.g. Black Mamba – where a virus morphs over time)
• How can AI help defence in depth?
  • 92% of malware uses DNS and traditional tools only look at basic DNS
    • E.g. Suburst Solarwinds Compromise
    • AI could help us identify nefarious domains to expediate efforts in blocking these compromises
  • 91% of attacks involve email
    • Using AI to scan emails to look for abnormalities
  • AI-powered end-point protection
    • AI-powered XDR; including deep learning
  • Deep Learning AI is closing the gap
  • Updates and patch management
    • AI patch management vendors are coming to market
  • Training and awareness
    • Culture AI – scanning the network and recommend targeted training
  • Incident response planning
    • Micro segmentation
•  Summary:
  • Know your enemy
  • AI is only part of the solution
  • Create a multi-layered defence

I’ve already marked my calendar for Infosecurity Europe 2025. Hope to see you there!

With cyber threat incidents on the rise, C8 Secure is committed to working closely with corporations and governmental agencies to provide practical, adaptable, preventable and problem-solving security solutions.

Learn how our expertise can help your organization stay ahead of cyber threats – contact us today!

Let’s Get Started