Scot-Secure 2020 was much like earlier events – a vibrant gathering of Scotland’s bustling cybersecurity community mixed with speakers from further afield.
Looking back at last year’s event, it’s safe to assume few delegates could’ve imagined their next Scot-Secure appearance would be at the tail-end of a global pandemic.
In fact, Scot-Secure was the last physical event held by DIGIT, and it is for that reason that this year’s conference is particularly poignant.
Held on a virtual platform, Scot-Secure 2021 highlighted the resilience of Scotland’s cybersecurity community and proved that the show does go on. The hustle and bustle, the discussion, debate and insightful content on display absolutely matched anything on display at previous Scot-Secure conferences.
On the first day, more than 350 delegates gathered virtually to explore some of the key cyber trends, challenges and threats on the horizon. From the rapidly accelerating threat of ransomware to the increased use of artificial intelligence in cybersecurity practices, Scot-Secure 2021 covered a range of topics.
Critically, sessions at Scot-Secure placed a strong focus on people and processes. Amid a year of remote work and fragmented operations, managing and mitigating risk is no longer just the focus of security teams – organisations have a responsibility to ensure staff are supported and protected wherever and whenever they are working.
The Changing Security Landscape
In the opening keynote of the day at Scot-Secure 2021, delegates heard from Maxine Holt, Senior Research Director at Omdia, Check Point’s Ady Ringrose and Ed Tucker, Senior Director of Cyber Security and former European CISO of the Year.
Holt explored how the onset of Britain’s coronavirus lockdown measures in March of last year forced organisations of all sizes to rapidly pivot their operations to a remote working format.
With that format came significant cybersecurity challenges. The pace of change in the early days of the pandemic led many organisations to hastily apply a ‘sticky plaster’ to their cyber practices.
And while this has caused issues for many companies, moving out the pandemic Holt believes the challenges of the last year offer a chance to start anew and focus on nurturing a new culture of sustainable cybersecurity practices.
Carrying on in the same vein, Ringrose outlined innovative new ways by which organisations can protect themselves and their employees while operating remotely.
With staff at many organisations split apart by significant geographical barriers, time differences and struggling to communicate effectively via tech platforms, the need for stringent cyber hygiene practices has never been greater.
“We’re experiencing a fundamental shift in how network security is being implemented and consumed” due to remote working practices, Ringrose noted.
Moving forward, Ringrose said employees want the flexibility of using “any device or operating system and access the resources required to complete their task” from anywhere, at any time.
The scattered nature of data, resources and users in a remote working environment has raised dynamic new challenges, and as the world transitions out of the pandemic, questions will be asked of how businesses can enable and secure the digital workplace.
Ed Tucker, who marked his second appearance at the Scot-Secure Summit, took to the virtual stage to warn delegates about the dangers of siloed solutions to security.
Open, transparent and collaborative measures, Tucker explained, are key to ensuring that organisations, public services and everyday citizens are protected amid an increasingly perilous cybersecurity landscape.
Tucker asserted that the cybersecurity industry often chases “buzzwords, phrases and terminology” without enabling practitioners, users and organisations to think more innovatively.
“Cybersecurity is more than just buzzwords, you need to always be assessing the needs of yourself, your team and your organisation as a whole,” he said.
A focus on singular, isolated solutions to organisational security is damaging safety and stifling processes. Fundamentally, security should be collaborative and empathetic, Tucker said, and this has been highlighted particularly since the onset of the pandemic and introduction of remote working.
“When we think about what the prime purpose of remote working actually is? The purpose is that people can work and do their jobs efficiently and effectively,” he said.
“Securing that is a distant second, at best. We should consider how people perform their tasks and functions when we secure remote or hybrid working,” Tucker added.
Breakout sessions at Scot-Secure 2021 addressed a number of key themes, spanning risk management, automated processes and the implementation of new, Covid-conscious strategies.
In particular, delegates heard how cybersecurity strategies simply cannot be introduced in a “one size fits all” fashion.
Leo Cunningham, CISO at Flo Health, explained that good cybersecurity means asking difficult questions and examining what an organisation needs to protect users and why it must be implemented.
One of these crucial questions, he noted, is looking at the threats that an organisation faces on an individual basis.
Eliza May Austin, CEO of th4ts3cur1ty.company also shed valuable light on the ever-changing nature of strategy and process, outlining the rise and responsibilities of Purple Teaming.
In her breakout session, Austin gave delegates an insight into how purple teaming helps foster a more collaborative approach to fighting modern threats and security weaknesses.
“There’s no room for nostalgia” in the modern cybersecurity landscape, Austin said. Outdated technology and antiquated processes must be replaced if no longer fit for purpose.
This broad theme of “out with the old, in with the new” carried on into Darktrace Account Director Georgia Bell’s breakout session.
Her session focused on the rapid growth of artificial intelligence in cybersecurity – both in an offensive and defensive capacity.
The past year, she noted, has been a landmark year in cybersecurity and threats have grown in both sophistication and intensity. Machine learning-based attacks are now a point of growing concern for security practitioners, Bell said.
“Machine learning and AI-planned attacks are definitely here to stay,” Bell commented “What we’re going to see is that traditional security tools that rely on previously seen attacks or predicting what’s going to happen in the future are going to be out of pace as attacks will become more sophisticated and undetected.”
Concerningly, many new AI-based attacks will be so subtle that they essentially blend in unseen, Bell said. This has already been evidenced in recent ransomware attacks, she added.
The cybersecurity landscape is shifting rapidly, with new threats emerging and increasingly sophisticated cybercriminal gangs and state-sponsored hacker groups posing a serious threat not only to organisations but to human lives.
2020 was a landmark year in cybersecurity history – with the first confirmed death due to a cyber-attack occurring in Germany.
Across the year, public services, local authorities and institutions focused on vaccine research were targeted by cybercriminals and state-sponsored threat actors.
In Scotland specifically, citizens were given a glimpse into the disruption that a major cyber-attack might have on public services when the Scottish Environmental Protection Agency (SEPA) fell prey to hackers in December 2020.
Looking ahead and examining the emerging threats and the future of the cybersecurity sector itself, Jude McCorry, CEO of the Scottish Business Resilience Centre, spoke with former NCSC CEO, Ciaran Martin.
In this virtual fireside chat, Martin outlined his experiences at the National Cyber Security Centre, detailing some of the ground-breaking work the Centre has been involved in to keep Britain safe from rapidly evolving security threats.
Although the landscape appears to be extremely dangerous at present, Martin noted that many of the key threats organisations face have been out in the world for some time.
“In the last six months we’ve had a reminder of some of the old classics. You look at the SolarWinds hack, which is new in terms of sophistication and scale, but it’s much of the same,” he said.
“The main trend in terms of old-fashioned cyber risks is ransomware, which has got almost out of control. I think a harsh reminder that at state level and consumer level, we haven’t quite cracked some of the major threats yet.”
Despite the escalation of cyber threats in the last year, Martin said there is cause for hope and optimism ahead. Organisations, governments and citizens are becoming more aware of security threats and the road ahead is more visible than previously.
“As we move ahead, I’d like to strike a note of optimism. I know that’s different as we’re quite doom and gloom in cyber at times,” he said.
“We broadly know what the next generation of technology is going to look like,” Martin added. “Unlike 25 years ago, we can see all this coming. IoT is my favourite example as we now see the UK Government looking to standardise products and introduce regulation.”
Although Martin maintains a positive forward-looking outlook, cyber threats will continue to evolve, and organisations will continue to come under threat from cybercriminals in years to come.
Meanwhile, law enforcement and industry practitioners will continue to play what seems to be a never-ending game of cat and mouse to root out threats and protect citizens.
Bob Carver, Principal of Cybersecurity Threat Intelligence at Verizon, echoed much of what Martin said in regard to the state of the threat landscape, but questioned whether the industry is capable of dealing with the growing threats.
“The threat landscape is extremely dynamic and continues to escalate with speed and sophistication faster than what most security vendors and teams can reliably defend against,” he said. “No one person, no one technology, no one country or continent will be able to solve these issues alone.”
In particular, Carver suggested that the sophistication and sheer variety of threats that organisations now face has created the perfect storm. Social engineering, brute force attacks, ransomware and phishing place employees and firms at great risk.
Similarly, the use of emerging technologies such as artificial intelligence or machine learning are enabling organisations to bolster their defences. However, these same technologies are being deployed by cybercriminal elements to great effect.
“The tactics being used by cybercriminals and the technology are changing so fast that we have to light a fire under people, processes and technology to refresh everything at a faster rate,” Carver explained.
Ensuring that organisations review their processes regularly is key to keeping pace with the rapid evolution of threats. Similarly, he explained that training of staff is key.
Ensuring that staff are informed, confident and competent should be a top priority for any organisation operating in today’s perilous cyber landscape.