Detect & Respond – one of the key Topics at The InfoGuard Innovation Day 2019

Author
Reinhold Zurfluh
Published
15. February 2019

On 23 January 2019, the seventh InfoGuard Innovation Day took place. The event is well known throughout Switzerland, and this year over 250 participants were there to find out, what the trends will be this year and what challenges they will be facing, and they weren't disappointed! 25 network and security partners as well as our own Cyber Security experts gave 60 presentations, showing on one hand the enormous threats posed by the cyber world, and on the other hand, innovative approaches and solutions. In this article, find out what presentations were a major draw for visitors, which topics are taking the interest of the experts right now, and why you shouldn't miss out on the next Innovation Day on 22 January 2020.

We can say with confidence that every presentation at the Innovation Day was exciting and well worth seeing. Nevertheless, of course there were also audience favourites. As was the case last year, one of the most popular presentations was on "Hacking" and "Detect & Respond".

Unfortunately, publicly available information is often a gold mine for cyber attacks

Our Cyber Security experts demonstrated the ways hackers attack today and how the InfoGuard Cyber Defence Center works to detect attacks like these and protect our customers. Lukas Reiter, one of our Senior Cyber Security Consultants and Penetration Tester, demonstrated how open source intelligence (OSINT) can quickly become a successful vector for attacks. Information is collected from websites, the infrastructures used, social networks, job platforms, as well as insights gained during a "visit" to the location (or done virtually thanks to Google Earth or corporate clips on YouTube) and from these are derived the attack methods with the best prospects of success. And it is precisely information such as this that can be used for a targeted attack, for example using "spear-phishing" We have already shown you in an earlier blog article why, unfortunately, phishing is still so successful.

Detect & Respond – a topic with many different facets and even more interest…

Ernesto Hartmann, our Chief Cyber Defence Officer, used his presentation to explain how Threat Detection & Response can be optimised. In order to detect a cyber attack quickly, you need comprehensive information about the target systems. Traditionally, this data is collected and analysed at a central location. This considerably lengthens the time between attack and detection. This is why it makes sense to carry out the analysis directly at the endpoint. Thus it can be monitored continuously and only the data related to the detection is retrieved. This is the great advantage of Endpoint Detection & Response (EDR). And as you may already know, InfoGuard is the only Tanium partner in Europe to offer this as EDR-as-a-Service from the ISO 27001-certified Cyber Defence Center in Switzerland. In this article, you can find out the advantages that EDR has to offer.

Incident Response – Not an easy issue 

Mathias Fuchs, Head of Investigations & Intelligence, presented the ten most common errors in Incident Response. He said it was particularly disastrous that complex processes often prevent efficient work, that artefacts are misinterpreted or that evidence is simply missing. This clearly shows: Incident Response cannot just be dealt with as a side issue. Incident Response requires experienced experts like our CSIRT.

There are risks lurking around every corner

The increasing dependence on third parties such as suppliers, and service providers was also addressed, because their security level has an influence on the entire risk situation of their own company. A vulnerability in the supply chain increases the business risk, at the same time endangering productivity, profitability and reputation. However, supplier risk management presents many companies with major challenges. Security scoring, such as that provided by our partner SecurityScorecard, can provide valuable support here. Not only can supply chain risks be recognised, transparently identified and managed, but the necessary measures can also be initiated.

Threat Intelligence – more than just a smart solution in the fight against cyber attacks

The experts from Recorded Future showed how important threat intelligence is in minimising risk. The innovative approach based on "machine learning" automatically collects and analyses information from many different data sources, including the Darknet. The system thus provides valuable context information that can be used in real time for continued manual analysis or for immediate implementation in existing security technologies. Recorded Future's solution not only understands the meaning of words and technical data in many different languages. It also uses historical data to identify patterns and to improve cyber attack detection and response. Our partners' innovative solutions also met with great interest. There was something here for everyone, ranging from AI-based security solutions to compliance, IoT and cloud security.

My personal summary of the Innovation Day 2019

Once again, this year's Innovation Day was a complete success. The aisles between the exhibitor stands and the seats in the five presentation rooms were almost filled to capacity, with the number of participants rising to over 250. And also the visitors were not disappointed. Because this event is the perfect platform for getting experts' opinions on a variety of topics, exchanging ideas with other experts and networking, all in a very short time frame. Once again this year this was the positive feedback our guests', and of course we are very happy about that! Here you can get a short glimpse into the event.

So you see - taking part in the InfoGuard Innovation Day is definitely worthwhile!

Missed out on Innovation Day 2019?

You couldn't be there this year? Not a problem! On 22 January 2020, you will once again have the opportunity to join the Innovation Day. But you will not be left on your own until then! That's why we organise events all the time. At our Security Breakfasts with free coffee and croissants, for example, you can find out about the latest solutions from our partners. Or just visit our (now almost legendary) InfoGuard Security Lounge, which will take place for the tenth time on 26 June 2019. It's best to reserve your place right away and subscribe to our newsletter, to avoiding miss out on registration!

Always stay up to date with Cyber Security issues

Of course you won't want to miss out on our events, but that doesn't mean that in the meantime, we won't be providing you with the latest Cyber Security News. Each week in our Cyber Security & Cyber Defence Blog, you can find out about the issues that are preoccupying the Cyber Security world - and get free tips in the form of whitepapers and checklists. Subscribe to our blog update today!

 

Subscribe to Blog Updates now!

Share article