DEF CON 31 and Black Hat 2023 Trends

The Digital Jesuit Padre SJ's Experience at the Black Hat Briefings

Before closing up, I want to know what the most interesting part of the Black Hat Briefings was, aside from running into my own digital counterpart, PadreSJ. My favorite thing, aside from a blatant plug for the Omnia Analyst Summit, which was great (we were sold out and got to talk to a lot of people there), was hitting the startup section at Black Hat. I found it fascinating to see these small startup companies tackling very particular pieces of the puzzle, often using AI, which speaks to the democratization of AI that comes from being able to make use of public AI engines like ChatGPT and Google. These startups were bringing various forms of Operational Technology (OT) under the IT umbrella, and it was exciting to see the risk-based approach they were taking.

The Omnia Analyst Summit was another highlight for me. We were sold out, with standing room only, and I had the opportunity to talk to many people there. The startup section was particularly impressive, showcasing innovative solutions that were tackling specific vulnerabilities in the industry. It's clear that these startups are aware of the pressing need for AI-powered security solutions and are working tirelessly to develop them.

The energy at Black Hat was incredible, with attendees sharing ideas and making connections face-to-face. This was a welcome change from online interactions alone, which can sometimes lack the human touch. The Omnia Analyst Summit was another example of this, where I had the chance to talk to many people in the industry and learn about their experiences.

One thing that struck me at both events was the need for more trained professionals in cybersecurity. There's a shortage of around half a million trained professionals globally, which is a significant challenge. However, it's worth noting that this lack of supply does not mean there are no opportunities available. In fact, the demand for skilled security professionals is high and can be lucrative.

When talking to young people about potential careers in cybersecurity, I always emphasize the importance of doing your homework and learning as much as you can. Cybersecurity requires a deep understanding of systems and processes, which means there is no shortcut and no one-size-fits-all solution. The field is constantly evolving, with new threats and vulnerabilities emerging all the time.

To get involved in cybersecurity, I recommend exploring various aspects of the industry, from networking to cryptography. The field is diverse and exciting, and there are many opportunities available for those who are passionate about it.

In conclusion, both Black Hat Briefings and the Omnia Analyst Summit were exciting events that offered a wealth of knowledge and insights into the world of cybersecurity. Whether you're looking to get started in the industry or simply want to stay up-to-date on the latest developments, these events are definitely worth attending.

Cybersecurity in the Age of AI: The Rise of Operational Technology

As I walked through the halls of Black Hat, I couldn't help but notice the increasing focus on Artificial Intelligence (AI) and Machine Learning (ML) in cybersecurity. This shift towards AI-powered security solutions is driven by the need to address the growing threat landscape, which includes everything from nation-state attacks to cyber-physical threats.

One major area of concern is Operational Technology (OT), which refers to the control systems that underpin our physical infrastructure, such as power plants and water treatment facilities. These systems are increasingly vulnerable to cyber threats, and it's clear that the industry needs a new approach to address this problem.

The term "OT" has become widely accepted in recent years, replacing the older term "Industrial Control Systems." This shift acknowledges the growing importance of OT in our daily lives and recognizes the need for a more coordinated approach to security.

At Black Hat, I had the chance to explore various solutions that are being developed to address the challenges posed by OT. From AI-powered intrusion detection systems to machine learning-based anomaly detection, these tools are helping organizations to better understand and respond to threats in their Operational Technology environments.

The most exciting development, however, is the emergence of risk-based approaches to OT security. By focusing on the specific risks faced by each organization, companies can develop targeted solutions that address their unique vulnerabilities. This approach recognizes that no two organizations are alike, and that a one-size-fits-all solution simply won't cut it.

The Rise of Demilitarized Zones (DMZs) in Cybersecurity

As I walked through the halls of Black Hat, I couldn't help but notice the increasing importance of Demilitarized Zones (DMZs) in cybersecurity. The DMZ is a crucial component of any secure network architecture, and its role has evolved significantly in recent years.

Traditionally, the DMZ referred to the area between an organization's internal network and its external internet-facing servers. However, with the rise of cloud computing, DevOps, and containerization, the boundaries between networks have become increasingly blurred.

In modern cybersecurity, the DMZ is often referred to as a "cloud-based DMZ" or a "managed service DMZ." This approach recognizes that many organizations are now using cloud services to host their applications, data centers, and other critical infrastructure.

The key principle behind this new approach is to ensure that sensitive information is protected from unauthorized access. By leveraging advanced security technologies, such as machine learning-based threat detection and encryption, organizations can create a secure DMZ that protects both on-premises and cloud-based systems.

At Black Hat, I had the chance to explore various solutions that are being developed to address the challenges posed by cloud-based DMZs. From managed service providers (MSPs) offering cloud security as-a-service to AI-powered threat detection platforms, these tools are helping organizations to stay ahead of the threats in their increasingly complex digital landscape.

The Importance of Training and Development in Cybersecurity

As I walked through the halls of Black Hat, I couldn't help but notice the importance of training and development in cybersecurity. With the demand for skilled security professionals continuing to grow, it's clear that investing in employee training is essential.

At Black Hat, I had the chance to talk to many security professionals who were passionate about sharing their knowledge with others. These individuals recognized the need for continuous learning and skill-building in order to stay ahead of the threats in an ever-evolving digital landscape.

One thing that struck me was the emphasis on hands-on training and practical experience. Many organizations are recognizing that simply attending conferences or online courses is not enough - they need to provide their employees with real-world experience and opportunities to apply their skills in a controlled environment.

The Rise of Cybersecurity Awareness

As I walked through the halls of Black Hat, I couldn't help but notice the growing importance of cybersecurity awareness. With so many threats facing organizations today, it's clear that educating employees is essential to preventing security breaches.

At Black Hat, I had the chance to explore various solutions that are being developed to address this challenge. From phishing training programs to social engineering simulations, these tools are helping organizations to educate their employees and prevent security breaches.

The Importance of Risk Management in Cybersecurity

As I walked through the halls of Black Hat, I couldn't help but notice the importance of risk management in cybersecurity. With so many threats facing organizations today, it's clear that having a solid risk management plan is essential to preventing security breaches.

One thing that struck me was the emphasis on risk-based approaches to cybersecurity. By focusing on the specific risks faced by each organization, companies can develop targeted solutions that address their unique vulnerabilities. This approach recognizes that no two organizations are alike, and that a one-size-fits-all solution simply won't cut it.

The Future of Cybersecurity: Trends to Watch

As I walked through the halls of Black Hat, I couldn't help but notice the exciting trends shaping the future of cybersecurity. From AI-powered threat detection to cloud-based security solutions, these innovations are helping organizations to stay ahead of the threats in an ever-evolving digital landscape.

One trend that stood out was the increasing importance of quantum-resistant cryptography. As we move towards a post-quantum era, it's clear that traditional cryptographic techniques will no longer be sufficient to protect our data.

Another trend that caught my attention was the growing use of edge computing in cybersecurity. By leveraging advanced edge computing technologies, organizations can improve their response times and reduce the risk of security breaches.

The Final Word

In conclusion, Black Hat Briefings 2023 was an exciting event that offered a wealth of knowledge and insights into the world of cybersecurity. Whether you're looking to get started in the industry or simply want to stay up-to-date on the latest developments, events like this are definitely worth attending.

As I walked through the halls of Black Hat, I couldn't help but feel inspired by the passion and dedication of the security professionals I met. These individuals recognized the importance of cybersecurity and were working tirelessly to address the challenges posed by this ever-evolving threat landscape.

The future of cybersecurity is bright, with many exciting trends on the horizon. From AI-powered threat detection to cloud-based security solutions, these innovations are helping organizations to stay ahead of the threats in an increasingly complex digital landscape.

This is TWiT.

You know, we, we talk about Black Hat and Defcon. It's worth reminding you people that these are two separate events. They are produced by different companies. They were started by the same person but have since become, uh, two separate entities. They just happen to take place in the same city, one right on the heels of another, and I'd be lying if I said there wasn't a significant overlap in the attendee base. So what was it this year?

Well, as always, Black Hat is the more enterprise-facing show. It is where the enterprise defenders spend time. Uh, it is where people whose job it is to keep the bad guys out go to find out what their peers are doing. A lot of researchers. And it was interesting this year hearing attendees say that Black Hat is a very technical, hands-on kind of conference, and that's very true. While there are a lot of CISOs there, most of the, uh, presentations, most of the trainings, most of the, um, sessions that look at research are from and for people who actually get their hands dirty in cyber security.

Well, what were they talking about? It will surprise absolutely no one to hear that this year the biggest single topic of conversation was generative AI. Um, and the remarkable thing about AI is this: last year when we went to Black Hat, I heard several executives and CISOs say something a lot like, "I never want to hear AI again. I'm sick of hearing about AI. There's nothing new, everybody's got it, I just don't want to hear about it because it's just plain marketing speak." Fast forward a year and everybody wants to talk about AI. All of the vendors are talking about either what they're doing in generative AI, what their plans are for a generative AI, AI, or what the reason is that they're going to wait a while before coming out with something in generative AI. It was the center of gravity around which all conversations, um, orbited. I even have a colleague who at RSA invented a metric, um, MTTA, mean time to AI, which was a measure of how long we went in an interview before the first person brought up AI, and I think the average was something like 68 seconds. This year it was really, really short.

What does it mean for security? Well, it's important to note that generative AI is different than the neural networks and other forms of, let's call it, classic AI that has been part of cyber security for a while. The big difference is this: the classic model AI, neural nets and the like, are very good at doing targeted tasks very quickly. They are very good at automating processes. If you want something that will respond to poorly understood threats in a very short period of time, something that uses heuristics, another AI-generated term, or AI-adjacent term, um, you're talking AI, automation, speed, that sort of thing. Generative AI, or large language model, is really bad at that, because the large model requires time to sort through, it requires time to process, it requires time to do the sort of massive correlations that are required to get answers. Where the large language models are being used is in human-assist functions, mostly to do what I describe as taking a tier one analyst and turning them into a tier 1.5 analyst. It makes it so that as they pass things on to tier two and tier 3 analyst, it goes with more context, with more recommendations, with more certainty about what is being seen. So we have those two things going back and forth.

Now, when we got to Defcon, things shifted, because Defcon is traditionally the conference for the pen tester, the red team, the threat actor, and such was the case this year. But as we continue a trend that started several years ago, the executive branch of the federal government has recognized just how skilled many of these folks who go to Defcon are, and so this year, for example, we had a mass generative AI red teaming event. They would get around 200 people at a time into a room filled with bright shiny new laptops and individual codes that allowed people to record what they were doing as they threw prompts, as they threw lines of text, as they threw ursats commands against the generative AI engines from Google, from, uh, the, for ChatGPT, for all of the majority of AI engines, and this was sponsored by the White House. It was fascinating. It was one of the, a surreal moment when I was standing there. I, I attend Defcon on a media badge, and I was standing there in this room watching all of the people hard at work. Standing next to me was the Secretary of Homeland Security, and on the other side of me were a couple of people from DARPA. Wandering around the room there were people from the White House staff who were wearing big round glowy badges with the White House engraved on, you know, there's no trying to pass as anything but "we're here from the White House." Um, but, you know, there were people from, um, the Department of State talking about, uh, bounty programs against hackers, there were people from DARPA, there were people from all over there. So that was going on.

And oh, by the way, just like AI had been something we didn't talk about at Black Hat last year, at Defcon the AI Village last year was very sleepy. It shared a room with two other villages, and the biggest conference session I saw had about 20 people sitting in it. This year you would have thought they were handing out free Taylor Swift tickets, uh, or, you know, judging by the crowd. There were literally hundreds of people standing in line to get into every session that was held in the AI Village.

So what, beside from AI, what were people talking about? People talked about risk. We heard about risk-based this, that and the other, and, and typically what this means is that companies are using a risk metric, so they're quantifying the risk, taking risks, measuring it and expressing it in some sort of quantity, and then using whatever products it is they're selling, or service, to reduce that risk by a quantifiable amount. So that's what they're going, their metric. They're not really worried about stopping people, stopping attackers. Stopping attackers is a means to an end; the end is reducing risk. They are risk-based. Going along with that, tools for measuring risks are all over the place. If they, if we have a problem, to be honest, it's that we have so very many ways of expressing risk, and it's very difficult for companies to compare their risk against that of another, pardon me, organization, which makes it very difficult to benchmark your risk against someone else.

So risk, so AI. We talked about things like IoT security, or the, the current expression that's being used more and more is OT. Instead of Internet of Things, we're talking about operational technology, OT versus IT, operational technology versus information technology, and how the vast amounts of data that are generated in those OT sensors and controllers can be analyzed and understood by the IT group and some sort of coherent enterprise-wide risk posture arrived at. There is, of course, a lot else, but these were the major threads that I came across. It was exciting. The energy at both shows was incredible, a lot of people talking about how happy they were to be there, with all of the attendees sharing ideas, seeing people face to face, and making the online interactions that will occur the rest of the year much more valuable because they've had the human interaction at the trade show.

To Curtis, before, before we close up, I want to be, I want to really know what, what was the most interesting, maybe your favorite part of a Black Hat, other than running into their, our very own digital Jesuit, Padre SJ. What, what was the, was, what kind of hit your fancy there?

Um, I have to say that my favorite thing, aside from, I, I have to give a, you know, blatant plug: the Omnia Analyst Summit was great. We were sold out, it was standing room only, and we got to talk to a lot of people there. Um, my favorite thing going through was hitting the startup section and looking at what these small startup companies are doing, often attacking a very particular piece of the puzzle, uh, but doing it with an incredible focus. Now, they were still, we saw a lot of people using AI, which I think speaks to the democratization of AI that comes from being able to make use of, um, some of the big, you know, the ChatGPT, the, the Google, the, um, various other public AI engines, um, and the way that they were bringing various forms of OT under the IT umbrella. Uh, lots of that going on as well. So lots of risk-based, lots of, um, artificial intelligence, and lurking around all of it was training. I mean, we're still sitting on a shortage of somewhere around half a million trained professionals globally. Um, we know there's no way to bridge that gap anytime soon, but the need is out there, and so when I talk to young people about, you know, "well, what kind of career should I think about in computers?", look at security. Um, there's a crying need, it's really interesting, the people are great, and oh, by the way, pays pretty darn well.

It does indeed, does indeed. Well, thank you, Chris, great, great summary. I'm actually interested to see where all this goes in the coming months, just to see how organizations actually react to some of the news that came out of us.

I appreciate the summary. It's nice that the White House is doing stuff, because back in, when I first went to Defcon, the top game was Spot the Fed, and I didn't get, I didn't get spotted until like the last day.

Yeah, the, uh, big glowy badges take a lot of challenge out of that one.

Yeah, I just want to add a little bit, because, um, being, you know, an act coming from academias, um, to the kids that are listening or people thinking about getting into cyber security, just a heads up: there's no shortcuts. Um, cyber security requires, almost to the, you know, letter, that you know the systems well. So, um, I know, you know, I've been getting a lot of people asking about, you know, what, what career should I go into, cyber security, I, I keep telling them is a superset of the computer industry, because a lot of the vulnerabilities are in pieces of the industry, um, that you have to know reasonably well, and the black hat teams and the white hat teams know that. So it's not a shortcut. Do your homework, learn about things. Remember, this industry, you never stop learning.