I don’t talk about upcoming conferences that much on this blog, but this one I am doing by special request of one of my readers: The 5th Annual Cybersecurity for Government Summit 2015 behind held in the city of Sepang Utara in Malaysia from July 29-31, 2015.
I understand the threat landscape in North America reasonably well, I understand what US corporations need to do in order to stop cyber threats, and I also understand what steps many of them are taking (to summarize: about 1/3 are doing a lot, and 2/3 are doing a little).
But my view into Asia isn’t clear. The culture is different and the threats are different. But they need advanced threat protection as much as any US corporation. The security industry is either heavily geared around the English speaking world or I have such a cognitive bias that it just seems that way. In any case, conferences in Asia are good to attend in order to get insights into the rest of the world.
The biggest trend in cyber security in the past two years is how to deal with advanced persistent threats. The next biggest trend is how companies can deal with BYOD (Bring your own device). While it’s handy to have employees use their own Android and iPhones for work, how does a company ensure that the point-of-entry remains secure?
Governments, too, across Asia are struggling to keep up with the growing volume and severity of cyber-threats. What makes it even more challenging is that the types of threats affecting each country are different from each other. In order to determine which factors are driving Asia’s cybersecurity spending decisions, we need to look at some of the developments taking place in countries across the region.
And a conference is a good way to learn about it.
So what’s on the agenda for this conference?
- Stuff like big data and security
If you’re collecting it, how can you use it to gain insight into your networks? I think a good follow up topic would be how to protect that data once you’ve collected it, because “big data” means collecting and storing a lot of data about other people who aren’t aware you’re collecting it (agreeing to the Terms of Service doesn’t count as being aware).
- Stuff like safeguarding critical infrastructure against modern APTs
How do we safeguard critical infrastructure against modern APTs? Three years ago, Saudi Aramco was hit with a major cyber attack that wiped out the hard drives of nearly 30,000 computers and took two weeks to recover. What happens if a water company, or government energy company, or the telephone network, is similarly hit by a cyber attack?
These types of things interest me because I have no idea whether or not we’re prepared for it, that is, do the companies themselves have a plan? Are they investing in protection against it? Do they have a plan to recovery? Worse yet, if it does go down, does the government have a plan to calm me down when I’m whining why I can’t turn on my lights because the power is down? Or worse yet, can’t watch the newest episodes of Orange is the New Black because the Internet is down?
- Stuff like brainstorming how to prevent future security breaches
At conferences I often like panel discussions that give perspectives from multiple people in industry. They can each give their view and the result is a more holistic oversight about what you – the listener – can take away from it.
There are other sessions on the latest security solutions from industry, too. Security is a fast moving business and it’s hard to keep up. I frequently find that the best way to learn about new technologies is to hear the experts talk about them.
So if you’re in the area, maybe check it out. And since you’re there, why not eat some local phad thai?
What’s that, you say? That’s Thai and not Malaysian? Very well. Check out some chai tow kway.