Review of The 6th Annual InfoSecurity New York Conference and Exhibition

Review of The 6th Annual InfoSecurity New York Conference and Exhibition
The 6th Annual InfoSecurity New York Conference and Exhibition was a major draw for financial institutions seeking the best and the latest products and services available in the information security industry. Take the following excerpt for example, which gives a brief but succinct description of the event:

We have assembled the finest minds in the information security industry. . . with access to 175 companies, featuring new solutions, crucial to developing a secure and compliant information infrastructure within any size business.

This conference offered cutting-edge solutions for financial institutions looking to secure their IT infrastructure and maintain the overall integrity of their information security programs. Due to the evolving nature of cyber threats, effective security measures are not resolved with a single quick-fix; rather, it is an ongoing process that requires continual awareness of the newest threats and their countermeasures. Couple this fact with the increasing reliance on the Internet and digital data storage, and information security becomes paramount for every bank, credit union, and financial services organization.

For the average bank employee, such issues are easily written off as the responsibility of more technical personnel – perhaps, the sole problem of the head of the IT department – often acting as the CISO and/or other roles. However, as one comes to realize from attending this conference, there are a plethora of vendors and solutions which can have an impact on numerous people within an organization, and therefore, the security solutions by which a company may ascribe to. Among the solutions provided, there exist data encryption, IT auditing services, application security solutions, biometrics, end-to-end infrastructure management… and these services are just a handful of those available.

A large number of different sized companies were present at the exhibition, including some of the leading companies in information security, such as Qualys, Promisec, Watchfire, Verisign and Cenzic. These organizations offer a wide array of services and resources to serve your financial institution’s information technology needs. Whether your institution requires simple IT risk assessment or a full-enterprise database infrastructure centralization and standardization, InfoSec NY provided a complete spectrum of provider solutions. (Click here for a full list of the vendors and their services.)

In a world where both threats and solutions are constantly evolving, educating yourself about the various security providers available is no longer an issue of compliance and best-practices. A proactive approach to your institution’s security is now the minimum requirement needed in order to stay abreast of managing your organization’s mission-critical procedures.

However, with an awareness of the vendors and their provided solutions, an informed grasp of the upcoming issues affecting the industry is a necessary complement for choosing the proper solution that best fits your company. InfoSec NY provided both elements by offering informative sessions hosted by field experts and other authorities in addition to vendor resources. The issues discussed during the conference ranged from general aspects affecting the overall industry, to specific concerns such as identifying emerging threats, and addressing compliance, homeland security and professional development. Needless to say, information security as a whole includes a variety of topics; for the financial industry, the panels relevant to your institution not only included an explanation into the state of regulatory compliance, but included valuable insights into improving your institution’s comparative advantage through IT governance.

For example, take the new Ponemon Institute study released at InfoSec NY. The study, titled the 2006 Cost of a Data Breach, focuses on the negative impact that institutions experience as a result of data breaches. (For the complete report, please visit: www.vontu.com/offers/pdf_load.asp?p=/uploadedFiles/global/2006_Cost_of_Data_Breach_Report_V_2.pdf) With reputation being paramount to any financial institution's success, an awareness of the scope of these threats can give your company a more competitive edge.

Out of the companies surveyed, the study found 72 percent of breaches occurred because of a lack of protection. Yet regardless of this fact, the costs caused by breaches are primarily reactive, with costs increasing with relation to collateral mitigation, such as:

- a 55 percent focus in marketing costs
- a 34 percent focus in customer support costs
- an 11 percent focus in legal, audit, and risk management cost
- a 0 percent focus in IT security costs

With the IT department bearing none of the costs related to addressing data breaches, such a trend will continue for those who do not maintain a best-practices information security posture. Financial institutions that proactively address information security threats, on the other hand, go beyond mere compliance and instead turn information security to its own advantage. Instead of protecting your financial institution's reputation after the fact, your institution can be portrayed as an industry paradigm.

All this, and more are included. From attending InfoSec NY, the tracks available satisfied every information security need for all financial institutions, whether they attended to simply touch base with the industry trends, or to gain insightful methods into improving their business posture. As for the general atmosphere of the discussion panels, the warm reception and the number of pleased nods the sessions provoked was a good indicator of the audience's approval. The speakers at the conference are leading authorities in the information security industry, and this sort of valuable information is rarely found anywhere else.

In summation, InfoSec NY offered much more than a gathering of information security companies. The event put forth some of the most insightful educational material available in the industry. For the financial institutions that attended, this was a truly beneficial event that clearly defined their organization's agenda towards a comprehensive information security posture.





Around the Network