Video Recap of Black Hat 2015

I recently attended the Black Hat 2015 conference in Las Vegas, along with ESG Senior Analyst Doug Cahill and Research Analyst Kyle Prigmore. This video summarizes our impressions of the event. 

Topics: Cybersecurity Black Hat

Two CISO Priorities from Black Hat: Endpoint Security and Cloud DLP

With the frenzy of the largest Black Hat to date in the review mirror there is much to reflect upon. The range of hacks demonstrated highlight the massive expanse of the attack surface area with mobile and IoT exploits front and center including the now famous car hack of 2015. While the sheer scope of IoT vulnerabilities is staggering, CISOs and practioners I spoke with cited the endpoint attack vector and preventing the loss of data via the use of unauthorized cloud apps as two of their more immediate concerns. The high level of competition between vendors in the advanced endpoint threat protection and cloud access and control security markets correlate to this demand; their markets have indeed arrived.

Topics: Cybersecurity Black Hat Cloud Services & Orchestration

Black Hat Boogie

I spent all of last week in Las Vegas at Black Hat 2015. I used to pass on Black Hat, but no longer – it is a great opportunity for getting into the cybersecurity weeds with the right people who can talk about evasion techniques, malware, threat actors, and vulnerabilities. Alternatively, RSA Security conference conversations tend to center on things like IPOs, market trends, and PowerPoint presentations.

Topics: Cybersecurity Black Hat

Black Hat PreGaming Thoughts

With the current vibrancy of the cybersecurity industry on both sides of the ledger, there is much to learn this week at Black Hat in Las Vegas. As I prepare for my trip across the country, I thought I’d borrow a term from today’s college student vernacular and offer a few Black Hat pre-gaming thoughts.

 

 

 

  

Topics: Cybersecurity Black Hat

Black Hat Is About Cybersecurity People and Processes

Over the past few years, the RSA Security Conference has become a marquee technology industry event. It has really outgrown its humble roots in cryptography and Layer 3 and 4 packet filtering – now RSA is where technology industry bigwigs meet, drink exquisite Napa Valley wine, get a broad perspective of the cybersecurity industry, and do deals.

RSA’s emergence as a “must-attend” technology industry event is a good thing on balance. For one week of the year, business, government, and technology leaders descend on San Francisco and shed a spotlight on the global state of cybersecurity. But while this attention is a good thing, RSA has evolved into a high-level affair, focusing on the “why” questions surrounding cybersecurity.

Enter Black Hat, which takes place next week in Las Vegas. Rather than concentrate further on “why” questions, Black Hat is where you go to explore “how.”

Topics: Cybersecurity Black Hat

Anticipating Black Hat

RSA 2014 seems like ancient history and the 2015 event isn’t until next April. No worries, however, the industry is set to gather in the Las Vegas heat next week for cocktails, sushi bars, and oh yeah – Black Hat.

Now Black Hat is an interesting blend of constituents consisting of government gumshoes, Sand Hill Rd. Merlot drinking VCs, cybersecurity business wonks, “beautiful mind” academics, and tattooed hackers – my kind of crowd! As such, we aren’t likely to hear much about NIST frameworks, GRC, or CISO strategies. Alternatively, I am looking forward to deep discussions on:

  • Advanced malware tactics. Some of my favorite cybersecurity researchers will be in town to describe what they are seeing “in the wild.” These discussions are extremely informative and scary at the same time. This is where industry analysts like me learn about the latest evasion techniques, man-in-the-browser attacks, and whether mobile malware will really impact enterprise organizations.
  • The anatomy of various security breaches. Breaches at organizations like the New York Times, Nordstrom, Target, and the Wall Street Journal receive lots of media attention, but the actual details of attacks like these are far too technical for business publications or media outlets like CNN and Fox News. These “kill chain” details are exactly what we industry insiders crave as they provide play-by-play commentary about the cybersecurity cat-and-mouse game we live in.
  • Threat intelligence. All of the leading infosec vendors (i.e., Blue Coat, Cisco, Check Point, HP, IBM, Juniper, McAfee, RSA, Symantec, Trend Micro, Webroot, etc.) have been offering threat intelligence for years, yet threat intelligence will be one of the major highlights at Black Hat. Why? Because not all security and/or threat intelligence is created equally. Newer players like BitSight, Crowdstrike, iSight Partners, Norse, RiskIQ, and Vorstack are slicing and dicing threat intelligence and customizing it for specific industries and use cases. Other vendors like Fortinet and Palo Alto Networks are actively sharing threat intelligence and encouraging other security insiders to join. Finally, there is a global hue and cry for intelligence sharing that includes industry standards (i.e. CybOX, STIX, TAXII, etc.) and even pending legislation. All of these things should create an interesting discourse.
  • Big data security analytics. This is an area I follow closely that is changing on a daily basis. It’s also an interesting community of vendors. Some (i.e., 21CT, ISC8, Leidos, Lockheed-Martin, Norse, Palantir, Raytheon, etc.), come from the post 9/11 “total information access” world, while others (Click Security, HP, IBM, Lancope, LogRhythm, RSA, etc.) are firmly rooted in the infosec industry. I look forward to a lively discussion about geeky topics like algorithms, machine learning, and visual analytics.
Topics: Cybersecurity Data Platforms, Analytics, & AI Black Hat

A Multitude of Mobile Security Issues

The Black Hat USA conference takes place next week. If it's anything like RSA and Interop, there will be a fair amount of discussion about BYOD and mobile device security. Yup, a lot of hype but this is a topic worth discussing as nearly every enterprise organization and CISO I speak with is struggling here.

Topics: Cybersecurity ESG on Location RSA Conference Black Hat Enterprise Mobility