SecTor Highlights Need for More Trust and Cyber-Security Regulations

SecTor, which runs annually in Toronto, has emerged over its 11-year existence to become one of the larger security conferences in North America. The 2017 event ran Nov. 14-15 and included a mix of topics, including government involvement in cyber-security policy, security fundamentals and more involved technical discussions on how attacks are occurring today. IBM Resilient CTO Bruce Schneier made the case in his SecTor keynote address for government regulation to help improve cyber-security for the internet of things, while MIT futurist David Shrier advocated for a new trust data framework that helps to maintain cyber-security privacy. In this slide show, eWEEK takes a look at some of the highlights of the SecTor 2017 event.

The challenge of cyber-security cannot be effectively solved by industry alone, according to Bruce Schneier, CTO of IBM Resilient. Instead, he advocated for government involvement to help regulate technology security.

Security researcher Majid Malaika detailed a theoretical attack he dubbed “Botract” at SecTor, in which the Ethereum blockchain could be abused to help enable a powerful botnet.

MIT futurist David Shrier outlined efforts underway by the MIT Trust::Data Consortium, which he helps to lead, to build new systems that redefine how data is shared and secured.

At the SecTor conference, Colleen Merchant, director general for National Cyber Security at Public Safety Canada, detailed the steps the government of Canada has taken to protect itself and its citizens.

Security researcher Ashley Shen gave a deep dive talk on the tactics and tools used by North Korean hackers in a SecTor session. North Korean attacker groups make use of a common set of tactics, including software vulnerability exploitation, spear-phishing emails and watering hole attacks. The groups are also related in that they all reuse some of the same code, according to Shen’s analysis.

In a lunch keynote, Allison Miller, product manager of security and privacy at Google, detailed the risk modeling tactics and approaches that cyber-security defenders should consider.

SecTor isn’t just about digital security; it also provides an opportunity for attendees to learn about physical security in the lockpick village.

Hack Lab Focuses on IoT Security Issues

Tripwire sponsored an IoT hack lab in the exhibitor hall that gave attendees the opportunity to learn about IoT security issues.

Tripwire sponsored an IoT hack lab in the exhibitor hall that gave attendees the opportunity to learn about IoT security issues.

SecTor will return to the Metro Toronto Convention Centre, which is in the shadow of the CN Tower, in October 2018.