Infosecurity Europe 2023 Key Trends, Learnings & Insights

The anticipated conference of Infosecurity Europe 2023 unfolded as an exhilarating event, revealing pivotal takeaways and transformative trends. Rethinking the power of infosecurity emerged as the key theme, with participants emphasizing the need for security in the current challenging landscape. Additional topics of discussion were the acquired importance of Generative AI and its conjunction with cyber crime, the importance of Operational Technology (OT) security and the new expanded attack surface. In this blog, we’ll highlight some of the key themes:

The Future of Cyberwarfare

The discussion on cyberwarfare at Infosecurity Europe was intense, with experts warning of the growing threat posed by rogue nations and their supported agents. The changing pace of technology and geo-political turmoil are enabling these entities to attack. The stakes are high, with bad actors seeking to take critical assets offline and make a crippling impact on societies.

If you missed Chris Dobrec’s, VP Product and Industry Solutions at Armis, session about the Future of Cyberwarfare: Defending our Critical Infrastructure, you can read the main insights presented in DarkReading. As the threat of cyberwarfare continues to evolve, it is essential for governments and organizations to understand the nature of the threat and prepare accordingly.

One aspect that received significant attention was the escalating risks posed to Operational Technology (OT). Sectors such as manufacturing, utilities, and transportation, which play a vital role in our daily lives, face heightened risks as bad actors seek to exploit vulnerabilities in these infrastructures. Fortunately, there is a rising awareness of the OT risk and we saw increased focus on the topic at the Infosecurity floor. We even had the pleasure to be joined by PwC on our booth to raise awareness of the key steps to define, assess, remediate and manage OT Cyber Security.

Generative AI and Cyber Crime Sophistication

AI has a twofold potential. On one hand, it is used to automate and enhance cyber resilience and efficiency across the sector. But on the other hand, as with any emerging technology, there are risks associated. The use of AI in cyber is not new, however, the emergence of Generative AI has made it easier for cybercriminals to attack. These technologies can be used to automate attacks, identify vulnerabilities, and launch targeted attacks. Its capabilities of creating highly convincing fake personas and other social engineering tactics that can trick users into divulging sensitive information or granting access to corporate systems are something out of a sci-fi novel. Nadir Izrael, Armis’ co-founder and CTO, has been vocal about its potential risks, and benefits.

To address this emerging threat, cybersecurity experts are exploring new approaches to detecting and mitigating phishing campaigns that also use generative AI. And collaboration between industry experts and the development of new tools and strategies were raised as key to effectively managing the use of these technologies.

The New Attack Surface

The traditional approach to Attack Surface Management (ASM) is no longer sufficient in today’s hyper-connected, always-on, and perimeter-less environment. As the number of devices, applications, and systems that organizations use grows, so does their attack surface, which means that there are more entry points for cybercriminals to exploit.

Coupled with  the emergence of AI, machine learning, and quantum computing technologies (something we glimpsed at the conference, but that will take a few more years to fully unfold) means that legacy cybersecurity systems and tools won’t be able to keep up with the changing pace of cybercrime. The sheer volume and complexity of data that needs to be analyzed to detect and respond to threats is growing exponentially, and traditional ASM tools simply can’t keep up.

Given these challenges, organizations need to adopt new and innovative approaches to ASM that take into account the changing nature of the cyber threat landscape. Additionally, focusing on developing a strong security culture and educating employees on the latest threats and best practices for staying secure is key in a constantly evolving threat landscape.