In just seven years, Brian Bourne of solution provider CMS Consulting and a dedicated team of volunteers from across the IT security community have built the annual SecTor Security Education Conference into the top IT security conference in Canada. This year’s was perhaps the biggest yet, offering insight on a wide range of pressing issues around IT security in Canada.
The IT World Canada family of publications had SecTor covered on all bases this week. From the enterprise angle, Howard Solomon reported on a presentation by U.S. researcher and author Gene Kim, who told SecTor attendees that collaboration between software developers and IT operations staff — dubbed DevOps — is the only way for troubled organizations to pull themselves out of a dangerous downward spiral of putting out bugging and insecure code.
We also learned that a group of Canadian IT security professionals hopes to officially set up a national computer emergency response team (CERT) network next month that will run round the clock, and act as warning system to spread news to the private sector and governments about cyber attacks. SecTor panelists also debated whether there should be limits to ethical hacking and explored the various ethical, legal and moral lines, and Kevvie Fowler, a risk consulting partner at KPMG Canada, raised serious security concerns around the open source Apache Hadoop platform for big data management, which has had a meteoric rise since its release in 2006.
And from the small and medium-sized business perspective, over at ITBusiness.ca, Candice So reported on a keynote address by cyber security expert G. Mark Hardy, who shared three tips for today’s IT professionals: Be aware that threats can come from any quarter, it’s your job to communicate risk to upper management but if they’re not listening, be ready to move on, and SMBs are easy targets. She also explored why building a spy phone is as easy as injecting malware into Android apps.
In other SMB-focused coverage from SecTor, a video from Brian Jackson explores the wacky happenings on the SecTor show floor, from lock picking and hand hacking to dongles. Also, a blog from Claudiu Popa asks how much fun an IT security conference can be, anyway? (Apparently, pretty fun.)