IT security professionals, policemen and politicians will all be flocking to the largest annual security event in Europe this week. On Tuesday, Infosecurity Europe 2007 will kick off at the exhibition hall at London's Kensington Olympia. With over 330 exhibitors, 150 of whom will be showcasing new products, this year's show promises to be as lively as ever.
In the opening keynote, Lord Broers will discuss the results of the House of Lords Science and Technology Committee's fact-finding inquiry into internet security. The Lords visited Redmond to imbibe some of Microsoft's security wisdom. We will find out what they learnt.
Derek Wyatt MP, chair of the All Party Internet Group, will highlight some of the key measures that will be put in place around the security of the 2012 Olympic Games.
Topics being discussed in the keynote speeches this year include wireless security and identity management. Although many IT managers consider themselves knowledgeable on Wi-Fi security, Phil Cracknell, UK president of the Information Systems Security Association, will argue in a panel discussion that much more can be done.
"With recent surveys showing that over 80 percent of UK businesses now have a 'wireless policy' or a statement regarding the use of wireless equipment, you would think that it was a case of 'job done' as the message is coming through loud and clear. Stop the fear, uncertainty and doubt — I think they've got it!" said Cracknell. "However, on closer scrutiny, it would appear that corporate wireless users have only scratched the surface. Little, if any, provision is present for the important and increasing issues of wireless scanning, rogue hotspots, and drifting clients."
Identity management can be a major consideration for IT managers as they constantly reassess which privileges users should be granted, while taking into account an increasingly mobile and disparate workforce. Identity management is certainly high on the agenda for Toby Stevens, vice chairman of the British Computing Society security forum, who will participate in a panel discussion on the subject led by Merlin, Earl of Erroll.
"Identity management is one of the most misused and abused expressions in modern computing," said Stevens. "The vested interests behind identity cards, biometric technologies and single sign-on systems have created an environment where it is almost impossible to distinguish between technology fact, science fiction and commercial propaganda. The heated debate around these issues is eroding public confidence in the industry's trustworthiness, and it is high time that we adopt a more transparent dialogue about system capabilities — and shortcomings — so that we can create identity assurance systems that serve providers and users alike."
Mobile device security will get the once-over with a panel discussion entitled: "Is your network even remotely secure?" Steven Furnell, professor of information systems security at the University of Plymouth, will argue that the proliferation of small mobile devices tacked onto corporate networks could lead to compromised security.
"If we specifically consider devices such as smartphones and PDAs, then not only does the size and mobility of the devices render them far more susceptible to loss and theft, but they are also more limited in the security options that are available," said Furnell. "In addition, the usage of the devices affects the security that will be tolerable. For example, although we might be happy enough entering a 10-character password to access a laptop, this would be less acceptable on a PDA that is frequently used for short periods. Indeed, such devices are often left entirely unprotected against unauthorised access."
The question of who to report e-crime to, and when, will be addressed by government officials and ex-policemen. Every business is subject to crime every day — but at what point does it become sensible for you to report it? Geoff Smith, head of information security policy for the DTI, and Tony Neate, managing director of GetSafeOnline, will offer their pearls of wisdom on who businesses can turn to, to address this serious concern.
Security guru Bruce Schneier will debate the psychology of security in his keynote session, and Bob Ayers, associate fellow at the Chatham House information security programme, will lead a panel on insider threats.
Jon Fell, a partner at IT solicitors Pinsent Masons, will chair the hackers' panel — information security specialists' chance to bite back at the attackers — while this year also sees the return of "The Lion's Den", an arena for seven leading product specialists to put their products on the line in front of a panel of experts in a battle between "Gladiators" and "Lions". There is also an Implementation Forum, a networking event designed to address key inhibitors that IT managers face when implementing information security products.