Black Hat Impressions

Like many others in the cybersecurity community, I attended Black Hat in Las Vegas last week. Here are my thoughts on the show:

Topics: Cybersecurity Black Hat CISO home network security SDP

Black Hat 2017: Disruption in the Wind

Such blogs typically offer 3 or 4 takeaways from seminal industry events; I have one from Black Hat 2017—disruption of core cybersecurity markets is in the air.

Topics: Cybersecurity Black Hat

Anticipating Black Hat 2017

I’ve been looking forward to this year’s Black Hat event in Las Vegas for several months. In my mind, Black Hat has become the industry’s premier event for digging into cybersecurity technology.  RSA seems to be leaning toward business development and Sand Hill Rd. schmoozing these days.

Topics: Cybersecurity Black Hat

Anticipating Black Hat

I was at Cisco Live a few weeks ago in the 100+ degree heat of Las Vegas and like other cybersecurity professionals, I am off to Sin City again next week for Black Hat.

Topics: Cybersecurity IoT endpoint security Black Hat cloud security ransomware

Two CISO Priorities from Black Hat: Endpoint Security and Cloud DLP

With the frenzy of the largest Black Hat to date in the review mirror there is much to reflect upon. The range of hacks demonstrated highlight the massive expanse of the attack surface area with mobile and IoT exploits front and center including the now famous car hack of 2015. While the sheer scope of IoT vulnerabilities is staggering, CISOs and practioners I spoke with cited the endpoint attack vector and preventing the loss of data via the use of unauthorized cloud apps as two of their more immediate concerns. The high level of competition between vendors in the advanced endpoint threat protection and cloud access and control security markets correlate to this demand; their markets have indeed arrived.

Topics: cloud endpoint security Black Hat CISO

Black Hat PreGaming Thoughts

With the current vibrancy of the cybersecurity industry on both sides of the ledger, there is much to learn this week at Black Hat in Las Vegas. As I prepare for my trip across the country, I thought I’d borrow a term from today’s college student vernacular and offer a few Black Hat pre-gaming thoughts.

 

 

 

  

Topics: Cybersecurity Black Hat

Black Hat Is About Cybersecurity People and Processes

Over the past few years, the RSA Security Conference has become a marquee technology industry event. It has really outgrown its humble roots in cryptography and Layer 3 and 4 packet filtering – now RSA is where technology industry bigwigs meet, drink exquisite Napa Valley wine, get a broad perspective of the cybersecurity industry, and do deals.

RSA’s emergence as a “must-attend” technology industry event is a good thing on balance. For one week of the year, business, government, and technology leaders descend on San Francisco and shed a spotlight on the global state of cybersecurity. But while this attention is a good thing, RSA has evolved into a high-level affair, focusing on the “why” questions surrounding cybersecurity.

Enter Black Hat, which takes place next week in Las Vegas. Rather than concentrate further on “why” questions, Black Hat is where you go to explore “how.”

Topics: Cybersecurity Black Hat cybercrime Black Hat 2015

Anticipating Black Hat

RSA 2014 seems like ancient history and the 2015 event isn’t until next April. No worries, however, the industry is set to gather in the Las Vegas heat next week for cocktails, sushi bars, and oh yeah – Black Hat.

Now Black Hat is an interesting blend of constituents consisting of government gumshoes, Sand Hill Rd. Merlot drinking VCs, cybersecurity business wonks, “beautiful mind” academics, and tattooed hackers – my kind of crowd! As such, we aren’t likely to hear much about NIST frameworks, GRC, or CISO strategies. Alternatively, I am looking forward to deep discussions on:

  • Advanced malware tactics. Some of my favorite cybersecurity researchers will be in town to describe what they are seeing “in the wild.” These discussions are extremely informative and scary at the same time. This is where industry analysts like me learn about the latest evasion techniques, man-in-the-browser attacks, and whether mobile malware will really impact enterprise organizations.
  • The anatomy of various security breaches. Breaches at organizations like the New York Times, Nordstrom, Target, and the Wall Street Journal receive lots of media attention, but the actual details of attacks like these are far too technical for business publications or media outlets like CNN and Fox News. These “kill chain” details are exactly what we industry insiders crave as they provide play-by-play commentary about the cybersecurity cat-and-mouse game we live in.
  • Threat intelligence. All of the leading infosec vendors (i.e., Blue Coat, Cisco, Check Point, HP, IBM, Juniper, McAfee, RSA, Symantec, Trend Micro, Webroot, etc.) have been offering threat intelligence for years, yet threat intelligence will be one of the major highlights at Black Hat. Why? Because not all security and/or threat intelligence is created equally. Newer players like BitSight, Crowdstrike, iSight Partners, Norse, RiskIQ, and Vorstack are slicing and dicing threat intelligence and customizing it for specific industries and use cases. Other vendors like Fortinet and Palo Alto Networks are actively sharing threat intelligence and encouraging other security insiders to join. Finally, there is a global hue and cry for intelligence sharing that includes industry standards (i.e. CybOX, STIX, TAXII, etc.) and even pending legislation. All of these things should create an interesting discourse.
  • Big data security analytics. This is an area I follow closely that is changing on a daily basis. It’s also an interesting community of vendors. Some (i.e., 21CT, ISC8, Leidos, Lockheed-Martin, Norse, Palantir, Raytheon, etc.), come from the post 9/11 “total information access” world, while others (Click Security, HP, IBM, Lancope, LogRhythm, RSA, etc.) are firmly rooted in the infosec industry. I look forward to a lively discussion about geeky topics like algorithms, machine learning, and visual analytics.
Topics: IBM Check Point Palo Alto Networks Fortinet Cisco Data Management & Analytics Information and Risk Management Juniper HP McAfee Enterprise Software Security and Privacy Crowdstrike Lockheed Martin Black Hat trend micro RiskIQ 21CT Leidos Norse CybOX BitSight Symantec RSA TAXII ISC8 Blue Coat STIX Webroot

A Multitude of Mobile Security Issues

The Black Hat USA conference takes place next week. If it's anything like RSA and Interop, there will be a fair amount of discussion about BYOD and mobile device security. Yup, a lot of hype but this is a topic worth discussing as nearly every enterprise organization and CISO I speak with is struggling here.

Topics: Apple Microsoft End-User Computing Check Point MDM Cisco Information and Risk Management McAfee mobile Security and Privacy google BYOD android Good Technology Juniper Networks Black Hat trend micro Symantec Anti-malware Interop MobileIron DLP RSA Security Conference iPad