Recently, DCSO’s Technology Scouting and Evaluation (TSE) service visited the Infosecurity Europe conference in London. Infosecurity, also known as InfoSec, is a congress series for IT- and cyber-security vendors of all sizes and maturities. This particular event in London is the region’s largest, annual conference in its field with over 400 exhibitors and more than 15,000 visitors. It is thus a valuable opportunity for potential customers, curious individuals as well as consulting and advising firms.
For us, the two security domains „Deception“ and „Data Loss Prevention (DLP)“ were of special interest for this year’s InfoSec. Within the Technology Scouting and Evaluation service, market research and the evaluation of promising products for those domains are actively demanded by the customer-base and planned for the near future.
Throw away your honeypot – or not?
Deception solutions were mainly marketed as network intrusion detection systems and had a strong foothold on the event. We perceived this product category to be on a rise and faced many vendors proclaiming deceptive solutions as „the next logical step“ for network security. This somewhat goes hand-in-hand with our current customer demands, though the effectiveness of those products has yet to be proven. Vendors try to differentiate between „Deception“ and „Honeypot“ technologies but fail to properly outline the technological differences and actual benefits. During the conference, we faced many deception solutions with different degrees of sophistication, ranging from purely virtualized environments to hardware-based deception platforms with or without endpoint lures.
Data protection everywhere
As „data protection“ is in the focus of almost every IT security strategy, it becomes more and more challenging to find appropriate solutions for specific use cases. We were looking for products with local DLP capabilities and spotted different approaches from post-breach forensics and remediation solutions to full stack prevention products consisting of endpoint agents and network scanners. Some products even ship a GDPR or compliance scanner to identify sensitive data (e.g., personally identifiable information) in the customer’s network and provide respective reporting features. With the introduction of GDPR last year and upcoming privacy acts, the general awareness of meeting regulatory requirements was raised and discussed throughout all product categories. However, while GDPR- and compliance-assisting solutions were prominently displayed on last year’s InfoSec, they only played a minor role this time.
Hi, we are from Germany… Ah, ich auch.
While speaking with various vendors of all sizes, we noticed that the German-speaking DACH region is a serious target market for many IT security vendors. All reasonably sized companies not only provide dedicated German sales, but also brought the responsible personnel to the conference. As a result, the majority of discussions were surprisingly led in German. Nevertheless, companies originating from Germany are still a niche – which is growing steadily, though. While German products and vendors certainly do not trail behind technology-wise, they, unlike other European vendors, often lack a proper (re-)presentation and public awareness.
All in all,
Infosecurity Europe 2019 presented itself with a diverse product portfolio ranging from trending DevSecOps and Deception solutions to well-aged endpoint products. Most established vendors of the cyber security market ran a booth this year; only some key players, including FireEye, RSA, and Zscaler, did not take part at this year’s conference, leaving other well-known vendors like CrowdStrike, Symantec, and Cisco with more space.
Whereas last year’s InfoSec strongly focused on GDPR, we could hardly spot trending topics or technologies this year; the industry seems to regain its product and topic diversity. Surprisingly, OT security topics were basically non-existent despite the convergence of OT and IT security, as well as the number of security vendors providing solutions in that domain. In contrast to similar venues, the strong representation of vendors themselves was noticeable. The presence of partner firms or resellers that showcase products was the exception.
Who we are
The „Technology Scouting & Evaluation“ (TSE) service identifies and evaluates promising IT security solutions. With this service, DCSO supports companies in staying ahead of a dynamic and ever-changing market. The centralized and unbiased evaluation process is supplemented with the experience of all community members.