Consider Cybersecurity Conferences to Identify Strategic Partners
For installing security contractors looking to add cybersecurity services to their portfolios, cyber conferences can be a great start.
In September I spoke at length with IT-physical security consultant Dan Dunkel, president of New Era Associates, about the role systems integrators can play in becoming a trusted cybersecurity partner with their end customers.
Achieving such a business goal — tapping into new revenue streams, and importantly, staying relevant to your end customers — begins with education and aligning with strategic partners and support resources.
These are key ingredients necessary for laying a foundation upon which to build an actual portfolio of cybersecurity services to offer current and prospective customers.
As Dunkel explained, cyber conferences — whether on a national scale such as Black Hat and RSA or regional events in your own neck of the woods — can provide the perfect opportunity to network with potential strategic partners in this burgeoning arena. There are related directories as well, such as the Cybersecurity 500, that installing security contractors can peruse to become familiar with key players, big and small.
It is in the best interest for installing security contractors, even for smaller regional providers, to consider that cybercrime can be expected to increasingly drive end-user budget decisions. Silicon Valley-based market research firm Cybersecurity Ventures, which publishes the Cybersecurity 500, forecasts global cybercrime damages will reach $6 trillion annually by 2021, up from $3 trillion last year.
Moreover, global spending on security awareness training for employees is predicted to reach $10 billion by 2027. Training employees how to recognize and defend against cyber attacks is the most under spent sector of the cybersecurity industry, according to Cybersecurity Ventures.
There’s a recent entrant to the cyber-seminar circuit for security dealers and integrators to consider going forward — the EDGE Security Conference, which was held Oct. 17-18 in Knoxville, Tenn. Organizers bill the event as being designed to educate business and technology professionals about the impact cybercrime can create, with a goal to foster a community of creative problem solvers.
While I was not in attendance, the second annual event looked to be impressive. The programming featured subject matter experts from both the private and public sectors from more than 20 different states who discussed real-world business security problems and their solutions. In a press release I received, the following top three takeaways from the conference were detailed as such:
1) Cybersecurity should be viewed as a necessity, not a hassle
If cybersecurity’s weakest link (humans) commit to stronger security, a majority of cybercrime can be thwarted. Consider: “Ninety percent of what I deal with on a regular basis could have been prevented,” said Scott Augembaum, special agent for the FBI. “And what the bad guys are doing right now is stealing email. They’re stealing the username and password, because when the bad guy gets your username and password, he gets the keys to your crown jewels. And unfortunately, since 60 to 70 percent of the population is using the same password for multiple platforms, the bad guy steals one email, such as in the Yahoo breach where the bad guys stole 3 billion Yahoo usernames and passwords. And if 60 and 70 percent of those users are using those same passwords for multiple platforms, now they’re logging in to corporate email accounts, cloud accounts, Dropbox accounts, payroll files, accounting … the list goes on. So, in my opinion, keeping email safe with two-factor authentication would solve a number of these common problems.”
2) A proactive mindset is key to keeping critical data secure
Diligence, patch management, training and planning ahead to be resilient are essential. Consider: “When companies are hit by something like ransomware and their critical data is compromised, being able to recover that data because they have a resilient backup strategy is everything,” said Tony Rucci, director of information security and threat intelligence for Information International Associates. “Most importantly, companies need to practice recovering their data to instill confidence that they are prepared in the event they become compromised.”
3) A top-down cultural shift needs to happen
A recurring theme during the conference was the promotion of C-suite executives becoming part of information security decision making. Consider: “If you think about a large company of 100,000 employees, you maybe have 100 security employees,” said Ben Johnson, co-founder of Carbon Black and co-founder and CTO of Obsidian Security. “That’s a 1,000 to 1 ratio. So, for every 1,000 people adding risk by being human, there’s one security person trying to remove risk. The more the actual employees and management get involved, the better. I do think with some of these major breaches we’ve seen recently, there have been discussions by people who are not technical at all or haven’t cared at all about security in a corporate environment, and who are now saying ‘what can I do?’ Not to say that those breaches are positive in any way, other than the silver lining might be more awareness.”
To find out more about EDGE2017, and to get updates on EDGE2018, go here.
The intent of all this is to simply provide food for thought as you plan for travel in 2018 to attend industry conferences and similar educational offerings.
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add sales to your bottom line.
A free subscription to the #1 resource for the residential and commercial security industry will prove to be invaluable. Subscribe today!