Infosecurity Europe 2023: Reflections on this year's show
AI, Exposure Management and Innovation at the UK’s biggest cybersecurity conference
It’s nearly two weeks since Infosecurity Europe 2023 finished, so we’ve all had a chance to recover. The show returned last year for the first time since the pandemic but was massively affected by the ongoing train and tube strikes at the time (so much has changed!) so this was the first year where the event could be said to be ‘back to normal’, or, as the Omdia team say in their show write-up (registration required) ‘fourth time lucky’! So, what impressions did the Noetic team take from this year’s conference?
First, there was a real buzz around the show again. We are yet to see the official visitor numbers for 2023, but from the opening of the show on Tuesday morning until the close on Thursday afternoon, there was a steady stream of visitors across the show floor which was great to see. I also felt it was one of the better events I’ve attended recently in terms of the quality of discussions at the booth. I was happy to open the presentation content with our VP of Product Management, Ken Green, at the Strategy Talk theatre on Tuesday morning and was delighted to see a full room for the 10am session.
Walking around the show floor on Day 1, it was clear that the larger vendors were backing the show with significant investment. As we discussed in our RSA 2023 recap, 2023 has been a tough year for the cybersecurity industry, and we continue to see layoffs across the industry. Considering these broader economic factors, it is encouraging to see the continued investment in the show and the presence of many emerging vendors for the first time, particularly in the DSIT’s Cyber Innovation Zone.
Addressing Attack Surface and Exposure Management challenges at Infosecurity Europe
Security leaders are increasingly focused on how best to reduce their exposure to attacks and to identify unprotected assets, and we saw plenty of evidence of this at Infosecurity Europe this year.
The session from David Boda, Chief Security and Resilience Officer at Nationwide Building Society on Day 3 of the show was particularly interesting. They are trialing a new team as part of the security organization to specifically focus on managing their external and internal attack surface. A critical point he made during the talk was that this approach should also drive value by finding under-utilized security investments the team has already made, and by helping the SOC (Security Operations Center) to prioritize the incident response process.
This aligns closely to what we see with our customers, as by understanding asset exposure and security coverage gaps, security teams can make sure that their current security tooling is deployed effectively and that they are supplying the right level of context and insights to various parts of the security organization, whether that is DevSecOps, GRC or Security Operations.
These were topics that Ken Green and I addressed in our session on ‘Building an effective Threat Exposure Management Program’ on Day 1 of the show. We looked at Gartner’s 5 steps of the CTEM process and how security teams could align their technology approach with Gartner’s recommendations. It was great to see such a busy room for the talk and we appreciate the questions, and feedback we received on the topic.
The inevitable AI, LLM, ChatGPT noise
As we saw earlier in the year at the RSA conference, ChatGPT and the effects of AI for good and bad continue to be a major topic of discussion, as well as a healthy amount of fear-mongering. Many of the technology and strategy talks looked at how the security industry can leverage the benefits of ChatGPT, Bard and other AI advances to make security knowledge and tooling more universally accessible and simple to use and vendors, including Ironscales, announced new capabilities in this area
The malicious use of AI tools and how best to combat them was also a topic that was widely covered at the show, both as a tool used by attackers to generate more effective email phishing attacks, or uncover exploitable vulnerabilities, but also as an attack vector itself, with concern growing around companies sharing sensitive information in ChatGPT queries which could then be compromised. More than 100,000 compromised accounts have been found for sale on the dark web in the past 12 months.
Building the Security Ecosystem
An important part of an event like Infosecurity Europe is reconnecting with old colleagues, partners and investors and it is this ecosystem that helps us to drive the collaboration and innovation that the industry needs to thrive. So, we were delighted to support our partner Cybanetix, an award-winning provider of managed Cyber Security Services, as one of their new vendors on their Infosecurity stand, supporting their experts in discussions with customers.
It was also fantastic as always to catch up with our investor Ten Eleven Ventures at their summer drinks party in Shoreditch around the show. A great mix of the London investment community, portfolio companies and security leaders. We always appreciate the support from Mark, Megan and the whole Ten Eleven team.
As we move forward into the second half of 2023, we’re building on the success of Infosecurity Europe and look forward to engaging with customers and partners at industry events in the UK and North America. For now, if you’re looking to find out more about how Noetic is helping organizations with their Exposure and Attack Surface Management challenges, join us at one of our upcoming live demos.
About The Author(s)
