SecTor 2013 roundup: From limits on ethical hacking to three tips for security pros

In just seven years, Brian Bourne of solution provider CMS Consulting and a dedicated team of volunteers from across the IT security community have built the annual SecTor Security Education Conference into the top IT security conference in Canada. This year’s was perhaps the biggest yet, offering insight on a wide range of pressing issues around IT security in Canada.

The IT World Canada family of publications had SecTor covered on all bases this week. From the enterprise angle, Howard Solomon reported on a presentation by U.S. researcher and author Gene Kim, who told SecTor attendees that collaboration between software developers and IT operations staff — dubbed DevOps — is the only way for troubled organizations to pull themselves out of a dangerous downward spiral of putting out bugging and insecure code.

We also learned that a group of Canadian IT security professionals hopes to officially set up a national computer emergency response team (CERT) network next month that will run round the clock, and act as warning system to spread news to the private sector and governments about cyber attacks. SecTor panelists also debated whether there should be limits to ethical hacking and explored the various ethical, legal and moral lines, and Kevvie Fowler, a risk consulting partner at KPMG Canada, raised serious security concerns around the open source Apache Hadoop platform for big data management, which has had a meteoric rise since its release in 2006.

And from the small and medium-sized business perspective, over at ITBusiness.ca, Candice So reported on a keynote address by cyber security expert G. Mark Hardy, who shared three tips for today’s IT professionals: Be aware that threats can come from any quarter, it’s your job to communicate risk to upper management but if they’re not listening, be ready to move on, and SMBs are easy targets. She also explored why building a spy phone is as easy as injecting malware into Android apps.

In other SMB-focused coverage from SecTor, a video from Brian Jackson explores the wacky happenings on the SecTor show floor, from lock picking and hand hacking to dongles. Also, a blog from Claudiu Popa asks how much fun an IT security conference can be, anyway? (Apparently, pretty fun.)

Author: Jeff Jedras

A veteran technology and business journalist, Jeff Jedras began his career in technology journalism in the late 1990s, covering the booming (and later busting) Ottawa technology sector for Silicon Valley North and the Ottawa Business Journal, as well as everything from municipal politics to real estate.He later covered the technology scene in Vancouver before joining IT World Canada in Toronto in 2005, covering enterprise IT for ComputerWorld Canada. He would go on to cover the channel as an assistant editor with CDN.His writing has appeared in the Vancouver Sun, the Ottawa Citizen and a wide range of industry trade publications.