cybersecurity
24 May 2018

No rest for cybersecurity after May GDPR madness

May has been a merry old month for cybersecurity PR. Deadline dates for both GDPR and the lesser known NIS regulations have fallen in the month, and long PR and communications campaigns have reached a frenzied crescendo.

So, June should be a time of thankful rest with marketers and PR teams resting on their laurels and taking a well-earned rest.

Well, don’t expect the biggest cybersecurity tech show, Infosec, to be an oasis of calm, free from heavy marketing clamour.

GDPR and the waves of real (Wannacry) and feared (Russian state actors turning off our water/broadband/electricity) are pushing cybersecurity to the top of the media agenda and, possibly, have made cybersecurity a strategic issue for businesses and public bodies.

Like no other year before, Infosec will be buzzing but many will be asking what’s the next big thing.

Artificial intelligence and its application in security data analytics (even early detection and prevention of attacks) and remediation (AI and robot process automation that does the difficult work of ensuring a security posture is up to scratch or does the clean up to shut down and quarantine an incident rapidly and cleanly) are going to be common themes. Another will be how, like other industries, there’s more talk about cybersecurity platforms (previously AKA as firewalls and devices) and doing more cybersecurity in the cloud. The latter is particularly profound as a short time ago cybersecurity and cloud were regarded as close to being an oxymoron. Today, vendors are following their customers into the cloud, bringing forward security solutions to protect apps and data in the cloud, as well as leverage the cloud itself to run the faster, more data-hungry analytics and proactive prevention processes required for how organisations run their operations digitally.

And when it comes to those regulations, after May the trend will be how to stay complaint and avoid being the first big name fined for a breach – so systems that expose and give early warnings of vulnerabilities and threats are going to be key. But, how to rank the best options will hinge on how much they avoid information overload and actually help a stressed CISO prioritise what to do and even automate fixes and patches.

Setting aside how much Infosec can be about FUD (fear, uncertainty and dread) marketing, some parts of the exhibition floor should reflect themes of cybersecurity as a strategic issue for both business and technology leadership. How good cybersecurity gives organisations the power to be stronger, more confident and successful digital businesses or agencies of government, and how the next wave of cybersecurity will be smarter and use developments in AI to prevent attacks happening in the first place.

For the above, you’ll still need to kick the tyres of the slogans plastered across stands and stalls at Infosec. Like any show, there’ll remain a tendency for exhibitors to be fairground hucksters, enticing visitors to death by PowerPoint with a stress ball, candy floss or Alexa Dot (I did badly last year and only got a pair of green socks).

Sample these pleasures but also check out after the show and online how much their spokespeople are quoted in the media talking about organisations’ pragmatic ways of making cybersecurity a positive capability rather than a panic attack.

The old days of cybersecurity PR being about chasing after every breach and offering pithy comment are dimming; the new game in town is thought leadership that raises cybersecurity as a preventative philosophy, empowering not blocking digital transformation and a discipline that everyone from CEO to consumer to citizen should know and promulgate.