“Trust is the Key” to Improving Cybersecurity
As the incident response community grows, developing trust is “getting more complicated”.
Trust is the vital ingredient required to ensure the world competently deals with cybersecurity threats, according to Thomas Schreck, chairman of the Forum of Incident Response and Security Teams (FIRST).
Schreck was speaking at the opening day of FIRST’s 31st annual conference in Edinburgh, attended by more than 1,100 delegates from more than 80 countries.
The forum’s inaugural event had attracted 60 people and, as the incident response community grows, gaining and developing trust becomes more challenging, he noted.
“It’s all about trust,” he said. “But trust can be complicated. In the beginning, with just those 60 people, everyone knew each other, so we could easily just share information on our mailing list.
“Now we have members in 92 countries and you can’t build trust just by turning up at a conference. We need to talk with each other, and we need to find ways to engage and build up trust.
“This year we’ve had a 35% increase in attendees compared to 2018, so it’s getting more complicated.”
Ultimately, moving forward FIRST hopes to be able to facilitate that building of trust.
“Now, and increasingly so in the coming years, more information will be shared in sub-groups but we will be the place where you can start the conversation.
The FIRST conference, taking place in Edinburgh for the first time, will see both industry experts and academics speak in keynotes in addition to leading more than 100 meetings, tracks and workshops over the five-day conference.
Themes explored throughout the week will include the security implications of the IoT in addition to exploring how to anticipate what an attacker might do to a system and how to avoid it.
Sessions through the week will cover the latest research from several academics on topics including the Border Gateway Protocol.
Sessions will also aim to promote worldwide coordination and cooperation among Computer Security Incident Response Teams (CSIRTs).
- National Cyber Security Strategy Falling Short, Says PAC Report
- Amazon Faces Lawsuits Over Alexa Child Recordings
- AI to Interpret the Meaning of Babies’ Cries
Schreck added: “More than ever, organisations are taking significant steps to not only invest in the security of their technology, but also in their people who can help prevent security related incidents. It’s vital that they have the right skills and insight to be able to deal with an incident efficiently in times of crisis.
“As with any community or membership organisation, it’s essential that mechanisms are put in place to facilitate collaboration and knowledge-sharing so that should a security incident occur, members have a ready-made network that can be called upon that can work together to tackle the problem at hand and put plans in place to prevent such occurrences in the future.”