InfoSec 2011: The big themes


Another year, another InfoSec that was the phrase heard numerous times at this year's event at Earl's Court.

Outside of these somewhat mocking musings, there was plenty of debate this week around the major security themes of 2011, as experts from across the world came together for the manic event.

There was plenty going on, but what were the highlights of this year's InfoSecurity 2011 conference?


Surely the most talked-about subject at InfoSec 2011 was consumerisation and just how IT departments are supposed to deal with it. This has been an issue for some time now, but with the strong uptake in tablets and smartphones, the consumerisation of IT has become increasingly pertinent.

Indeed, the first keynote of InfoSec 2011 was delivered by Lord Erroll, who discussed the use of consumer devices in the workplace and in Government. It seems the same challenges appear in both the public and private spheres.

First there is the problem of employees taking business data away from the corporate network. Then there is the issue of workers bringing infections in. It's pretty much that simple.

Device and access control is key here, as well as improved education to ensure employees take security seriously. Organisations need to ensure they have coverage of the different operating systems workers use too.

Although people appear to understand the dangers, precautions are not being taken across the board. A Sophos report released during the conference showed 92 per cent of customers believed mobile devices increased the security risk to data, yet 40 per cent were not securing such devices.

Despite the consumerisation of IT being an old theme, it appears people aren't quite getting the message yet.

ICO issues

The second day keynote was delivered by the deputy commissioner at the ICO, David Smith. What initially promised to be a rather dull speech about things we already knew about namely what the ICO does and has done recently became much livelier thanks to a certain freedom of information (FoI) request.

Put in by encryption firm ViaSat, the FoI request showed the ICO had fined less than one per cent of all cases since 6 April 2010, with just 36 out of 2,565 data breaches acted on, and only four cases resulting in monetary fines.

Smith refuted the figures during his speech, however, claiming only around 1,500 cases had been explored by the ICO since November 2007.

Tom Brewster

Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.

He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.