Last week, I attended Infosecurity Europe 2018, the largest event of its kind in Europe. The event is a carnival of the cybersecurity industry, with promotion of every information security product imaginable. There are also more conference training tracks than your average railway. The show gives a good indication of the key issues that are at stake in the European cybersecurity industry.

Here are a few key takeaways from the event:

  1. Normality has returned after the year of GDPR. Infosec Europe 2018 felt like a return to normal after the deluge of GDPR messaging from vendors last year. Most companies on the user side have settled into GDPR. Vendors learned that they went too far last year and so have softened their messaging. The stands and talks demonstrated that the focus has returned to looking at securing the environment holistically.
  2. No clear theme or disruptive technologies emerged. This year, there was a lack of a clear theme or a disruptive technology. This was echoed by many of the 25 or so vendors that I spoke to last week. Most felt that we were back to solving the same old problems using the same old solutions. This is reflective of some of the comments my colleagues in the US made after attending RSA 2018 this past April. This, for me, is a worrying trend, as it indicates that there has been a lack of progress within the industry. Are we going back to basics after a few years of hype? Or have we run out of good ideas to defend ourselves against our adversaries? The answer to that question is not clear and one that we will be looking at in our research. This report, for example, talks about the disruption in the security industry by the “tech titans.”
  3. There have been some welcome advances in the diversity agenda. Many of us noted the increased presence of women attending the show. Events held promoted the “Women In Cybersecurity” agenda. Promotion of a product by women in ball gowns by one vendor was also roundly condemned by the industry. It does show that, while we clearly still have work to do, we have come far from prior events of recent years and have made some demonstrable progress on increasing diversity in the industry.
  4. A vibrant startup sector exists in the UK/Europe. Increased attendance by startups was evident. Some interesting ideas and showcases gave these companies a platform that would normally be denied to them. I will comment on this subject in planned research later this summer.

In summary, the show was an interesting inside look at the state of the cybersecurity industry in Europe. We will follow up shortly with a more in-depth look at some of the key themes.