Events and conferences come thick and fast in the security industry, and it’s sometimes hard to find time to sit and reflect on each one. Add white papers, webinars, and roundtables to the equation, and it’s easy to end up with a head-spinning amount of security information, daily.
Many people in this field get used to life on the road, or in the air, traveling far and wide on the speaking circuit to spread the security gospel, and meet with like-minded professionals all over the globe. Then there are the infosec practitioners, who take time out of pressured schedules to join the congregation, attending conferences and virtual events in a bid to expand their understanding and industry knowledge, with the aim of making their organizations – and the world at large – a safer place to conduct online activity.
But with many events offering a slew of different conference sessions and tracks, sometimes it’s easy to come away feeling bludgeoned by knowledge. There are so many dedicated and impassioned speakers delivering razor-sharp insight into all facets of this diverse industry, that the glut of quality information can feel overwhelming. The question is: How to step back and focus on the key actionables for you, the individual, who attends events with the hope of bolstering your security intel arsenal?
In a sense this is analogous with some of the concepts of ‘threat intelligence’ – eradicating the noise on your network to help you establish the security incidents and events that matter: hearing the vital message amid the cacophony, or, to use the old cliché, finding the needle in the haystack.
A theme across security is that incident responders and network defenders don’t have enough time to deal with everything; they have to prioritize. If you can identify sophisticated actors carrying out attacks and spend time firefighting that, and not spend your day tackling nuisance and untargeted malware, you’ll be running a more effective security operation.
Prioritizing intelligence is also integral if you’re going to keep up-to-date with the constantly mutating landscape of threats – both to your organization and those facing the world at large. Just as security professionals seek to spend less time sifting through false alarms and get to the nugget of information that will help them stop a catastrophic event on the network, they also need to cut through the noise that the industry generates to make sure that they’re getting the right insight in their ongoing quest to become the best security practitioners possible.
“Many technologies are marketed as the miracle pill to cure all ailments, and practitioners are confronted with buzzwords that can be misleading”
Identifying what information is worth taking the time to assimilate is hard. There are innumerable magazine articles, white papers, independent and vendor blogs, research reports, government bills, intel-sharing forums, conference speaker sessions, webinars and more. Each of these could provide the epiphany you need to drive forward your security ambitions.
An additional challenge in keeping track of the security industry’s direction is that all too often its various components seem to operate in silos. Government, private sector and the security community all have a role to play and a message to communicate, but trust between each isn’t always optimal. So when a government makes an announcement, like the recent Protecting Cyber Networks and National Cybersecurity Protection Advancement Acts in the US, the instinctive response from much of the security industry is skeptical at best – and this drives a whole debate that can be both engrossing and distracting.
Consider too the ‘white noise’ that sellers of security products produce. Many technologies are marketed as the miracle pill to cure all ailments, and practitioners are confronted with a number of buzzwords and passing trends that can be misleading. Endpoint security is the holy writ one year; then it’s incident response; once it was the perimeter. All these things have their place, but the promotion of one above the other through noisy marketing and pitching can often distract from the fact that so many security incidents are easily avoidable. It’s education and a sound understanding of infrastructure that forms the bedrock of security.
So if you’re reading this at an event, and you’re wondering how to make the most of all the intel and information being served up, consider what really matters to you. What do you need to know to become a better security professional? The conversations that will make a difference are the ones that buck the silo mentality trend. A discussion that takes place in an echo chamber – security crowing to security about a certain product or technique to prioritize – won’t deliver long-term action points.
Find the conversations that look outwards, that aspire to push the industry in a new, more open direction, and that build bridges between sectors. Then, when the dust settles, you may have that nugget of information you need to drive your security practice to the next level.