Reflections on Infosecurity Europe

Last week’s Infosecurity Europe was an excellent opportunity to compare notes with practitioners from hundreds of customer and vendor organisations. This year is an interesting one for information security, as the sector is recovering rapidly from last year’s recession, and the reality of externalisation is hitting home, with many enterprises placing much greater priority on securing the supply chain.

I haven’t checked the official figures but my impression was that this year’s show seemed bigger and better attended, with a wider variety of products. Customers also seemed more focused on what they were looking for, which is good news for vendors. As usual, the show was brilliantly organised with a good layout, a thoughtful programme and good audio visual support.

The Infosecurity education programme is generally one of the best, because the organisers go to enormous lengths to consult stakeholders, and they give preference to keynote addresses by non-vendors. It’s a growing challenge of course to find top CISOs who have time and permission to speak, and who didn’t present at last year’s event. But the end result is a more varied and realistic programme, with less marketing hype, though perhaps lacking a strong, underlying theme.

There were certainly gaps in this year’s programme: cloud computing, security awareness and supply chain security should have been more prominent. But there were also interesting new topics, such as convergence and integrity, and a timely opening address by the Information Commissioner’s Office on the latest developments in data protection and privacy.

One pleasing trend is a greater focus on operational issues rather than just technology. Perhaps vendors are finally realising that the real issue is not whether you have a firewall, IDS or encryption facility, but how well it’s set up and used. This will be a growing theme over the next few years as regulators and auditors get smarter.

It was also good to see more vendors offering open, cheaper or free services, which is good news for enterprises with limited budgets. Vendors today need to demonstrate thought leadership and support the community, rather than just sustain a commercial cash cow. In an increasingly fast-changing business environment, the vendors that are most successful will be those who are passionate about their products. Qualys are a good example of that. This year they also offered free beer on their stand.

Speaking of beer, we must not forget the ‘extra mural’ stands, such as the excellent Portcullis Arms which once again provided superb hospitality, company and entertainment to the great and the good. It’s a great meeting place for CISOs, and another huge success for Clive T. Room, their brilliant marketing director. This year they also had a new rival in Integralis who took over the Kings Head. It was an excellent first effort, and hopefully the first of many more.