From January 28-30, the 2020 edition of FIC, the International Cybersecurity Forum, took place in Lille. All of the industry's major players were there: Thalès, Airbus, Qualys, Orange Cyberdéfense. There was even a significant government presence. The topic of personal data protection was still on everyone's lips, but blockchain has practically vanished from the event! Our experts at the conference shared their take on its major trends.
Zero-trust
In security architecture, the top trend is to reduce the security perimeters of the items to be protected, whether they are user accounts, documents, or even network infrastructure. Instead of one large perimeter in which inputs and outputs are controlled, all actions are to be monitored: Access attempts, downloads, etc. Thus, each action by each person will be recorded and checked. It’s no longer enough to just have a single authentication combined with access control. The goal is to check, potentially using artificial intelligence, whether the user’s behavior is abnormal.
Identity issues
Within the FIC itself, the ID Forum was held on January 28. This was a series of talks and round-table discussions on digital identity. The event sparked a conversation on authentication issues, and many industry exhibitors were involved. It's worth noting that the new FIDO 2 security standard, which enables two-factor authentication based on the use of security keys (FIDO2 keys) and authentication tokens, was also a big topic of discussion. Many manufacturers exhibited small devices for secure authentication. FIDO 2 is meant to standardize all of these devices used for logging in to systems (access to secure sites, protecting a bitcoin wallet, payments, etc.).
Fear of ransomware
Hackers are now less interested than ever in stealing data, but more inclined to take it hostage. In concrete terms, entire systems of large companies have been frozen, with hackers demanding a ransom to either unfreeze the system or stop them from disclosing the data. There is no new miracle solution, but anti-intrusion security software publishers had a major presence, and spoke about this risk. Several terminals to analyze USB keys to detect in seconds whether the key has been corrupted were also demonstrated.
