It has only been a few days since I returned from a spate of back-to-back security conferences in Europe in the early part of May. AMTSO (not really a conference, strictly-speaking) and CARO were held in Prague, Czech Republic, and EICAR was held in Krems, Austria, both mouth-wateringly picturesque venues.
CARO and EICAR focussed on significantly different topics, with certain highlights and disappointments in both. No different from any other security conference I suppose. Let us focus only on some of the highs here.
The CARO workshop was meant to focus on “hardening the net”. The highlights included the keynote presentation, by Igor Muttik of McAfee, on the fact that malware seems to exist everywhere, including in the most unexpected places. The most interesting presentation, in my opinion, was the one by Dmitry Volkov of GroupIB focussing on the state of cybercrime in Russia and her neighbouring states, the absence of satisfactory employment for young IT professionals and the plethora of legal loopholes being identified as key drivers.
EICAR’s main focus was on “Cyber War”, exemplified by an interesting keynote presentation by Rainer Fahs. It was very interesting to get a viewpoint on nation-to-nation computer system attacks, the infamous Stuxnet being a prime example, from the perspective of international politics and military diplomacy, rather than focus on the technical aspects of the malware … again. The role of Anti-Virus in fighting cyber wars was also discussed, the general consensus being that AV would find it difficult to deal with unpredictable, sophisticated, and targeted state-sponsored attacks on computer systems. Nevertheless we would do our best to protect our clients.
Looking forward to the next set of security conferences which encourage a good exchange of information and, usually, healthy debate.
Images courtesy of infosecevents.net and caro2011.org
Senior Manager, K7TCL