Cybertech Midwest 2019 Debrief

July 26, 2019
Justin Hall
Director, Security Services, CBTS

We just finished a few days with our friends at the Cybertech Midwest conference in Indianapolis. I try to visit as many information security conferences as I can each year—it’s one way my team keeps up with the latest research, learns about new attack scenarios, new tools, and understands the focal points of the community.

One of my favorite things about conferences like this is getting to hear from practitioners whose day-to-day work is notably different from my own. As a consultant, I spend more time in my clients’ worlds than my own, but that means I miss out on the experiences from industries and geographies where I don’t spend much time.

An area where this is especially true is state-level government here in the United States. We’ve spent time with city/county government, and other CBTS practices have done quite a bit at the state level, but our security practice doesn’t hang out there often, and as a result, I haven’t had a ton of exposure to the challenges and gaps that folks at the state level face.

So it was really exciting to hear from so many folks here that operate at that level – both CISOs and CIOs. What I heard was:

  • Traditional thinking and solutions aren’t effective enough anymore, and not just in terms of technology, but our thinking about solving security problems. Security folks end up very “siloed” as a function of being independent advisors . . . but we need to collaborate better with other teams in the business, for example folks with other areas of responsibility (legal, finance, HR, operations).
  • For some businesses, protecting data collected and used for analytics purposes can be as—or more—important than protecting financial or personal data, as it is the lifeblood of a lot of business operations. Make sure your data protection strategy covers that as well.
  • Business e-mail compromise (BEC) and fraud are still plaguing organizations large and small. At this point, if your business doesn’t operate using gift cards (which most do not), executives in the organization should pass the word to everyone: if you get a request to buy and provide pictures of gift cards to anyone with company money, it’s fake! Report it!

Going to a conference that doesn’t just focus on traditional enterprise security helps my team keep pace with the rest of the industry—and the rest of CBTS. We field every area of IT here, and clients of every stripe, and I best serve my clients and my colleagues when I can speak competently about their worlds as well as mine.

So let me ask you, the reader: where are you advancing your awareness of activities and trends in your field? You can read more about security services from CBTS.

Read more: Justin breaks down Ohio’s Data Protection Act

Connect with our experts

Subscribe to our blog