Full Report
This year, for the fourth time, myself and some others here at SensePost have worked together with the team from ITWeb in the planning of their annual Security Summit. A commercial conference is always (I suspect) a delicate balance between the different drivers from business, technology and ‘industry’, but this year’s event is definitely our best effort thus far. ITWeb has more than ever acknowledged the centrality of good, objective content and has worked closely with us as the Technical Committee and their various sponsors to strike the optimal balance. I don’t think we have it 100% right yet, and there are some improvements and initiatives that will unfortunately only manifest at next year’s event, but this year’s program (here and here) is nevertheless first class and comparable with almost anything else I’ve seen.
Analysis Summary
# Industry News: ITWeb Security Summit 2012 Program Review and Trust Crisis Focus
## Summary
SensePost has partnered with ITWeb for the fourth successive year to plan their annual Security Summit, emphasizing a commitment to objective, high-quality technical content despite the inherent commercial balancing act. The 2012 event will focus on the theme that trust in cyberspace is "broken," featuring prominent international speakers addressing advanced threats, the demise of SSL, cyber warfare, and the security implications of critical enterprise systems like SAP.
## Key Details
- Date: Announced/Published May 8, 2012 (Event proceedings not detailed)
- Companies Involved: SensePost, ITWeb, various sponsors (Confirmed speakers include Kenneth Geers, experts from MWR, Onapsis)
- Category: Industry Event Planning & Thematic Focus Announcement
## The Story
Charl van der Walt of SensePost details the planning and thematic direction for the 2012 ITWeb Security Summit. The core challenge acknowledged is balancing business, technology, and industry drivers in a commercial conference setting. This year, the focus is sharper, centered on the failure of established internet trust pillars and asking, "What now?" The program features international "visiting stars" alongside local experts across key tracks, including Cyber War, Mobility (with a specific focus on Africa), Enterprise Resource Planning (ERP/SAP security), Electronic Money, and Security & Politics. A full-day workshop on "Security in an era of BYOD" is also scheduled.
## Business Impact
### For the Companies Involved
- **SensePost:** Reinforces its industry standing as a credible technical authority capable of shaping high-level security discourse, particularly in partnership with a significant media entity like ITWeb.
- **ITWeb:** Positions the Security Summit as a premier, content-driven event in the South African market, distinguishing itself through objective technical programming over purely vendor-driven content.
### For Competitors
- Other regional security conferences may face competitive pressure if the content quality and objective tone established by this collaboration stand out, potentially drawing away high-value attendees and sponsorship dollars seeking substantive analysis.
### For Customers
- Attendees gain access to first-class content tackling fundamental issues of digital trust and emerging critical infrastructure vulnerabilities (like ERP/SAP exposure), providing actionable insights for adapting security strategies beyond current perceived failures.
### For the Market
- The explicit focus on the "broken" state of cyber trust signals a market inflection point where traditional security assumptions (like SSL) are being publicly questioned, driving demand for next-generation security models. The inclusion of SAP/ERP security reflects the growing recognition of industrial control system-like risks within the enterprise back-end.
## Technical Implications
The agenda highlights significant technical concerns:
1. **Demise of SSL & E-Trust:** Suggests a necessary overhaul of fundamental cryptography and authentication mechanisms currently relied upon for conducting secure business online.
2. **ERP/SAP Attacks:** Direct focus on the high-risk exposure of mission-critical business infrastructure (SAP), elevating supply chain and core data security to a board-level concern.
3. **Mobile & Africa:** Acknowledges the unique mobile threat landscape specific to the African context.
## Strategic Analysis
- **Market Positioning:** SensePost and ITWeb are positioning this event as thought leadership, addressing systemic failures rather than incremental product fixes. This appeals to C-level executives and senior practitioners concerned with risk management philosophy.
- **Competitive Advantage:** The collaboration’s success in securing respected international figures (like Kenneth Geers) and dedicated technical experts gives the event credibility far exceeding typical vendor-sponsored gatherings.
- **Challenges:** The article notes difficulty securing enough local expert submissions, which might indicate a local skills gap in addressing these advanced, systemic threats compared to international trends.
## Industry Reactions
- **Expert Commentary:** The author strongly recommends registration, implying internal confidence that the lineup addresses pressing industry questions. The emphasis on *objective* content suggests a deliberate effort to counter the perceived fluff in other commercial events.
- **Market Response:** The event structure seems tailored to draw attendees looking for strategic answers to the "What now?" question following high-profile security failures prevalent around the 2012 timeframe.
## Future Outlook
- Improvements are already slated for next year's event, suggesting ongoing refinement of the content-sponsorship balance. The market should watch how widely the theme of "broken trust" is adopted by vendors and enterprises in subsequent security solution development.
## For Security Professionals
This summit offers critical continuing education rooted in systemic risk analysis. Practitioners should specifically prepare for deep dives into: adapting to modern adversaries, securing bespoke ERP environments, and understanding the geopolitical implications of cyber warfare, all framed within the context of eroding internet trust.