Visual Journal: Infosecurity Europe 2017London Cybersecurity Event Tackles Breaches, GDPR, Ransomware, IoT and More
Cybersecurity in London: This week's Infosecurity Europe conference featured 240 speakers, 360 exhibitors and an estimated 18,000 attendees.
See Also: Passwords Alone Aren't Enough
Here are 13 visual highlights from the three-day information security event, ranging from tchotchkes and keynotes to 19th century architecture and live hacks of internet-connected devices.
The conference was again held at Olympia London, an exhibition center, event space and conference center in the West Kensington district.
Former National Agriculture Hall
Built in 1886, Olympia was originally christened as the National Agricultural Hall. While its interior features wonderful "wrought iron age" details, the hall inevitably begins to feel sauna-like on warm London summer days.
Rainy With a Chance of Deluge
While London has a reputation for rain, Britain's Met Office - the national weather service - says there's no appreciable rain, on average, for 70 out of every 100 days. Tuesday, however, saw heavy downpours in the morning hours of the conference's kickoff.
Seating: Supply Battles Demand
As in past years, queues remained long for popular keynotes, and the keynote space - a square area curtained off on the upper level - felt too small for more popular draws.
Anyone who didn't manage to get a seat could move to a nearby overflow area and listen in, as in this panel devoted to the EU's General Data Protection Regulation.
White Hat Rally
Once again, information security community volunteers for a White Hat Rally took to costume - this year's theme was "Knight Riders" - to raise money for charities that aim to prevent cruelty to children.
Tchotchke-wise, T-shirts printed on demand made an appearance. Past favorites - light sabers, cool flashlights, light-up glasses and artists drawing caricatures of attendees - also made a repeat showing.
Even a Wind Tunnel
My award for hands-down favorite booth on the show floor this year goes to Sophos, which rigged up a wind tunnel with foam balls. The object: Catch white balls, each worth one point, and the gold ball, worth 10 points, while avoiding the blue ones, worth minus-two points. After 30 seconds, all balls were deposited into a chute for counting - and if you're good, your score was added to the leaderboard.
Live Demos: Internet of Exploitable Things
One popular topic for discussion was the Mirai botnet, which last year began infecting internet-connected devices - including routers and baby monitors - and used them to launch massive distributed denial-of-service attacks. But other internet-connected menaces also made an appearance, including the internet-connected Cayla doll - most recently seen on the cybersecurity stage at OWASP's AppSec EU conference last month in Belfast, North Ireland. The doll is now banned in Germany.
More mundane, hackable household items were also in attendance. "We have a brand-new WiFi kettle to hack for you!" Ken Munro of penetration testing firm Pen Test Partners told his exhibition floor audience.
Hearing From Top Cybersecurity Experts
Throughout the conference, Information Security Media Group conducted video interviews with dozens of cybersecurity experts. Stay tuned; we'll be posting every video, touching on everything from ransomware, threat trends and fraud prevention to GDPR, breach detection and the never-ending encryption crypto debate.
Keynote presentations delivered during the week included security veteran Bruce Schneier discussing computer automation and its increasing impact on the physical world, as well as panel discussions devoted to creating agile security teams, complying with GDPR and more quickly responding to security incidents.
Another keynote featured veteran British broadcaster Jeremy Paxman analyzing the current political climate - although saying nothing of substance in regards to information security. Meanwhile, Sebastian Coe, former chairman of the British Olympic Association, discussed how problems relating to the 2012 Olympics in London were successfully identified and overcome before the games launched.
In Coe's case, fittingly for the Olympics, extreme preparation paid off. "We stress-tested our IT systems for 200,000 hours in the last couple of years leading up to the Olympic Games," he said. "There are no risk-free options in the delivery of something like the Olympic Games, but I think overall we left the country in much better shape."
Blaming Users Is a Crutch
One information security trope is that if only users would be smarter, so many security problems could be prevented. But Angela Sasse, director of the U.K. Research Institute in Science of Cyber Security and a professor at University College London, dismissed that attitude in no uncertain terms. "Half of security problems are down to crap IT," she said.
At RISCS, no one is allowed to suggest that people are the problem, she said. "It's counterproductive" and doesn't help security experts better engage with users and encourage them to adopt less risky behaviors, she stressed.
Stella Rimington, the former director of MI5, Britain's domestic intelligence agency, delivered the opening keynote presentation Tuesday. Her speech, titled the same as a memoir she has written, touched on the London Bridge and Borough Market attacks on Saturday.
The attacks have been quickly seized on by some political figures, including Prime Minister Theresa May, who promised to suspend Britain's compliance with the European court of human rights if it was necessary to allow Britain to better detain and monitor terrorism suspects. But this appears to be political bulster, as May's previous attempts to do exactly that, while serving as home secretary, were repeatedly struck down by Britain's highest court.
Rimington, having led counterterrorism operations at MI5, warned against half-considered measures. After blaming the attackers after an atrocity, people inevitably next blame police and intelligence services for failing to have prevented the attack. She acknowledged that authorities need to better counter today's increasingly complex attacks, launched by individuals with "hideous ideologies" and "a determination to kill people." But she warned against doing so in haste (see Former MI5 Director Cautions: Keep Calm and Slowly Evolve).
Photography: Mathew Schwartz