Download the Cyber Security Crashcourse

Slides from IFSEC International 2015

Eric Hansleman speaking at Interop Las Vegas

Eric Hansleman speaking recently at Interop Las Vegas

“In the last year,” said Eric Hansleman, “businesses spent $70bn on cyber security. Meanwhile criminals will have made 10-20 times that amount”.

At IFSEC 2015, Eric Hansleman from 451 Research presented a rapid-fire overview of cyber security. The DarkReading Cyber Security Crashcourse – introduced with Sara Peters, Senior Editor for Dark Reading – was 40 slides packed with insight into the trends shaping the industry and how you can protect yourself.

You can download the slidedeck by filling out the form on the right…

Some 75% of IT professionals believe their organisations are about as vulnerable, or more vulnerable, to attacks than this time a year ago. As devices and applications proliferate and complexity grows, to be successful at securing our IT assets we have to be successful all the time.

IT security budgets continue to increase with half of surveyed respondents increasing security planning. Diversification of options is proving a major challenge.

The various security technologies that a typical enterprise needs to employ is growing with fragmented spend:



 Today’s threat environment

Eric emphasised the need for a change in attitude, start from a position that “we have already been compromised”.  While a maintaining a firewall perimeter is still important,  multi-layered defences are required to truly protect your data.

Every business now faces a multitude of adversaries, including “a generation of cyber criminals for whom this is their day job” and attacks often blamed on “nation states” such as North Korea. As Eric explained, it is hard to identify who is really behind an attack. For example, Kaspersky Labs thought that they had been attacked by either Israel or the United States due to the tools the hackers used.

At the top of your list of adversaries should be your own authorised users, who are the greatest risk to security.

Social engineering of your users has been used tremendously effectively by hackers. Indeed, 91% of targeted attacks involve phishing emails to trick users into giving up sensitive information.

Attacks are proven to be much more effective if they use personal information, with mobile devices making this much more of a problem as phishing has as much as a 30% higher success rate on a mobile device.  “The data you have will always be valuable to someone – either directly or indirectly.”

The ‘Salesforce effect’ – whereby all different users are using pay-as-you-go cloud services – puts pressure on IT teams to maintain security standards with cloud capabilities purchased outside of corporate IT buying. Any marketing manager with a credit card can purchase cloud services. Hosting data in the cloud and moving it onto different platforms carries a far greater risk of disclosure.

Password alternatives have helped somewhat, but still come with limitations:

Password alternatives

As a solution, Eric recommended the FIDO alliance to businesses who are looking to integrate more sophisticated authentication into their IT infrastructure:



It’s what you don’t know that will hurt you

With employees being the greatest vulnerability, Eric emphasised that the best investment business can make is in education. Only through ongoing training of employees can businesses deal with the cyber security threats.

Eric reported that there are encouraging signs of improvements in understanding and expectations for risk management, as can be seen in this table of changing attitudes from the Cloud Security Alliance (CSA):

2010 to 2013


The part that IT has to play is moving from the department of ‘no’ to the department of ‘know’ – educating colleagues about new technologies to better enable, rather than resist, change.

You can download the full Cyber Security Crashcourse presentation by entering your details in the form on the top right of this page.

Register today for IFSEC 2023

16-18 May 2023, ExCeL London | IFSEC 2023: Recognising the past, embracing the future

Join thousands of likeminded security and risk professionals at IFSEC 2023 in May, as the UK's largest and longest running security event looks ahead to what's next in the sector as it celebrates its 50th birthday. This year will see the launch of the IFSEC distributor network, while London's new Elizabeth Line makes travel to the venue easier than ever!

You’ll find hundreds of leading exhibitors from the physical and integrated security sector, showcasing all the latest in video surveillance, access control, intruder detection, perimeter protection and software solutions. Join the community and secure your ticket today!

  • By downloading this content you understand that Informa Markets and the sponsor (if applicable) are providing you with this service, free of charge, with the explicit intent of identifying business leaders with a legitimate interest in Informa Markets and the sponsor (if applicable) products and services for which you will receive marketing communications following submission of this form and your detaisl.

    If you do not wish to continue receiving marketing from Informa Markets and the sponsor (if applicable) you will be able to unsubscribe using the links provided and you will receive no further marketing communications related to this content. If you do not wish to receive any communications from Informa Markets and the sponsor (if applcable) please do not submit this form.

    Please view our Privacy Policy