Cybercrime Conference Returns to DublinIRISSCERT to Focus on Crime Trends, Incident Response, Spam Fighting and Cybersecurity for Kids
The 10th annual IRISSCERT Cyber Crime Conference, to be held Thursday in Dublin, promises to round up crime trends and also offer updates on incident response essentials, spam fighting and even cybersecurity essentials for children.
This year's IRISSCON features speakers from Ireland, the Netherlands, the U.S. and beyond. It's again being organized by Brian Honan, who heads Dublin-based information security consultancy BH Consulting. He founded Ireland's first computer emergency response team, IRISSCERT.
"The majority of businesses need not worry about the more complicated things in the world. It's bog-standard phishing and unpatched systems. That's what we see on an ongoing basis in our investigations."
"For me, the highlight of IRISSCON is not just the speakers we have, but the opportunity for the community to meet and share their experiences," Honan tells me. "We try to provide a very relaxed and social environment, and you have the mixture of the T-shirts and the ties, which is a good way to describe what we're trying to achieve."
This year's roster of IRISSCON speakers includes Richard Browne, director of Ireland's National Cyber Security Centre - Ireland's national CERT - who will be outlining both the work of his organization as well as the threats facing Ireland.
IBM X-Force is returning to run a "capture the flag" competition that occurs in parallel with the main conference - literally, in the ballroom next door at Ballsbridge Hotel, where the conference is again being held.
Some of the other cybersecurity topics to be covered include:
- Cybercrime: Bob McArdle of Trend Micro, who's an expert in cybercrime tactics, including underground forums, will offer timely insights.
- Trust: Wendy Nather of Duo Security will discuss how to trust security in today's zero-trust world.
- Spam: Martijn Grooten, editor of Virus Bulletin, will relay lessons learned from the front lines of spam fighting.
- CISOs: Jacky Fox of the consultancy Deloitte will look at the evolving role of the CISO.
- Perspective: Information security veteran Jack Daniel will look at the past, present and future of information security.
- Awareness: Javvad Malik, a security advocate at AlienVault, will discuss the topic of taking security seriously.
- Repeatability: Ira Winkler of Secure Mentem will focus on "advanced persistent security."
- Safety: Cliona Curley of Cyber Safe Ireland, which aims to educate children about how to be more secure and resilient online, will offer advice.
Honan says he's looking forward to Curley's talk in particular because it will be looking at the bigger picture question of: How can we keep our children safe online?
"This generation maybe has lost the battle to be safe online," he says. "But we shouldn't give up on the future generations to make them more able to respond to and identify cyberattacks and bullying."
Ongoing: BEC, Ransomware, Cryptomining
Back in 2015, an inspector from An Garda Siochana - the Irish police - told attendees at IRISSCON that online scams and extortion targeting Irish businesses remained prevalent and that scammers were continuing to run business email compromise, aka CEO fraud, campaigns (see: 13 Scenes from an Irish Cybercrime Conference).
Three years later, while criminals' tactics and techniques may have evolved, those attacks remain alarmingly prevalent (see: French Cinema Chain Fires Dutch Executives Over 'CEO Fraud').
"It keeps happening, and as long as people keep responding to those emails, it's going to keep happening - criminals don't need to use zero-day attacks or complicated attacks," says Honan, who is also a cybersecurity adviser to the EU's law enforcement intelligence agency, Europol.
"The majority of businesses need not worry about the more complicated things in the world," he says. "It's bog-standard phishing and unpatched systems. That's what we see on an ongoing basis in our investigations."
Some of this year's discussions promise to touch on the ongoing risk posed by cryptomining malware and ransomware attacks, which Europol says remain prevalent (see: Cybercrime: 15 Top Threats and Trends).
"The key message around ransomware and cryptomining is that if you're wondering where the next threat is going to come from, it's the old cliché: Follow the money," Honan says. "Criminals want to make money at the lowest cost possible. Ransomware is a quick and easy way to make money and that's why they're doing it."
Stay tuned for updates from the conference.