‘Black Hatter’ Lists Top 5 Show Takeaways: AI, IoT & More

Cyber Security Hub's Comprehensive Event Review

Dan Gunderman

It’s no secret that the big cyber security trade shows are filled with ingenuity and spirited presenters/marketers. Black Hat USA, one of the world’s largest information security events, was no exception.

With its main, two-day conference held from Aug. 8-9, 2018, Black Hat offered attendees a myriad of options – from show-floor demonstrations to cutting-edge sessions on topics that directly relate to the enterprise (and a touch of novelty in booth setups).

At the end of the day, though, shows can be all about optics, or all about substantive information. Black Hat fell into the latter camp, with an agenda pleasantly filled with sessions featuring attention-grabbing headlines and speakers.

For one, the Cyber Security Hub was “on the ground” throughout the event, documenting show highlights, speaking with industry leaders, experts and practitioners, and bringing a flavor of the show to you, our readers.

What follows is a Black Hat retrospective offering five of the biggest takeaways: actionable information that today’s security pros can take back to their respective organizations.

1) Threat Intelligence Capabilities

A number of vendors hit the show floor this year to boast their “single-agent” or “single-pane” approach to cyber security. Some of the solutions stand alone as robust, one-size-fits-all products, while others are nestled into the security stack to augment other tools.

All in all, however, various vendors offered MSSP services, and that bundle includes comprehensive threat detection capabilities.

In a world of ongoing cyber-threats and countless organized crime groups, today’s solutions cannot be static. Instead, they rely on automation and machine learning (ML) to document data flows and network security. All of that activity is an effort to enhance an organization’s ability to combat threats. More and more, it seems, that is becoming a reality (although we must remind you there is no silver bullet).

2) Machine Learning Algorithms

While AI and ML have long been industry buzzwords, puzzling some while dazzling others, they appear to be reaching a point where ML capabilities are both strong and investment-friendly.

A Day 2 session on ML algorithms and their dangers highlighted some of the pitfalls of a head-over-heels ML approach, but the technology is certainly aiding security analysts and data scientists. If it can be deployed properly, with human-level expertise attached, machine learning can ping analysts with red flags and streamline the entire security operations center (SOC).

3) Business Culture

In an opening keynote, Google’s Director of Engineering, Parisa Tabriz, outlined the many efforts taken by today’s security teams. But a good portion of her speech underscored the paramount importance of the actual security team.

Tabriz called for information-sharing – both upwards and outwards – to facilitate growth, and she even said quite plainly that security practitioners have to be more team-oriented.

Altogether, the key takeaways there were the steps required to put security on a path to steady growth. Tabriz said that overall, security is improving, and will continue to do so, as long as its mission becomes true protection, versus (strictly) the competitive edge.

Many of her points were universal, and reminded attendees that the space is in fact coping with a skills shortage and understaffing, and that it truly “takes a village.”

4) Don’t Forget The Mobile Device

In an age where the attack surface has widened so significantly, it is incumbent on the security team to impose rigid security on mobile devices in the enterprise. That’s because in a matter of minutes, or even seconds, the devices can be hijacked and leveraged by threat actors.

Once these folks are in the device, lateral movement might allow them swift access to accounts, which they can use in phishing campaigns to move even more horizontally toward the crown jewels.

In essence, there is no excuse these days for poor mobile management. Chief Information Security Officers (CISOs) and the like must make a concerted effort to boost mobile security, protect any corporate or BYOD device, and thus put a barbed wire barrier around sensitive information.

5) IoT Concerns On The Rise

In speaking with security executives at the show, it’s apparent that the Internet of Things (IoT) network is growing exponentially, and that security efforts are attempting to catch up. But is that good enough in a world of distributed denial-of-service (DDoS) attacks, botnets and all sorts of lateral movement?

The answer is most definitely “no.” That said, security teams need to reel in their IoT devices, instill controls, cull manufacturer information and rerelease the devices with security principles in mind. If not, and just like the mobile device, IoT will pose real danger for the enterprise – whether a device horde disrupts service or routers are manipulated for greater illicit goals.

A recent Cyber Security Hub market report found security expert John Chambers renaming the IoT acronym the “Inventory of Threats.” It appears that sentiment is true!

We hope you enjoyed our coverage of the Black Hat USA conference. Just remember, from nifty booth setups to engaging sessions, the show was filled with scores of useful information!
