Recently, I attended the 22nd annual Black Hat USA 2019 in Las Vegas. As one of the premiere information security events, Black Hat brings together leading security experts, developers, practitioners and vendors. My Verodin colleagues and I look forward to this time of the year, as Black Hat provides us with the opportunity to renew friendships and create new relationships while we share insights in the latest technology innovations, research and challenges in cybersecurity.
What was particularly exciting for my Verodin colleagues and me was that we showcased our newest solution, the Verodin Threat Actor Assurance Module (TAAM), a game changing solution that enhances the Verodin Security Instrumentation Platform with up-to-date threat intelligence from partners. TAAM not only takes in the threat intelligence from one or more of the partners, it automatically turns the intelligence into a proactive program to test your defenses with the same behaviors the threat actors are using. With TAAM our customers gain the assurance of knowing exactly how their defenses will perform against the behaviors of threat actors who may be targeting them.
TAAM was met with great interest and enthusiasm from current and prospective customers. Some of the most interesting discussions were with those who shared concerns about nation-state attacks and how those attacks could lead to copycat incidents, potentially leaving them vulnerable. They saw TAAM as a way to be proactive and ensure that their security stack can defend their critical assets against all of these known attack behaviors.
Over the past decade, I have attended many Black Hat gatherings – as both an attendee and vendor – and without a doubt, this year did not disappoint. As I walked the floor, this year’s key buzzwords, like data protection, data analytics and cloud, were not too different from years past, Yet, unlike previous conferences, I observed that there was a noticeable uptick in vendor messaging around data visualization through scorecards and dashboards. There was even an exhibit that featured augmented reality focused around security operations.
Several other new trends gained visibility at this year’s conference. One, which I thought was particularly interesting, was that more attendees and vendors were talking about the “what if you could” cybersecurity scenarios. For instance, automation was a hot topic. This should not be too surprising, as most practitioners want to leverage a solutions API so security controls can work together to more effectively share information. In fact I personally had this conversation with our customers who want to know what type of security automation is available, and is there a solution that can identify threats or changes in their security posture and tie into an automation platform to remediate the issue. What these types of questions really boil down to is that companies want a solution that can create a continuous, seamless process for ease of use and best-in-class security.
Additionally, increasingly evident was the need for cybersecurity to become less complex and more intuitive by leveraging technologies like artificial intelligence or augmented reality to assist with identifying a threat in the early stages. For example, a key challenge companies are faced with is alert fatigue, and this is simply because a company’s security team is inundated with hundreds of thousands of events daily in the SIEM. As security professionals, we need to ask ourselves, how can this process be streamlined, how can events be correlated and validated for effectiveness, and how can a solution inform an organization what events really matter rather than alerting for everything?
I also observed many vendors in addition to partners offering managed security service provider (MSSP) services. MSSPs have always had a presence at Black Hat, but the number of providers appeared to have greatly increased this year. I believe MSSPs make sense for most organizations that don’t have a mature security model or need staff augmentation as security becomes more complex, and companies are increasingly faced with a shortage of workers who possess the necessary security skills.
Over the years, Black Hat has continuously grown and become more mainstream, transitioning from an event attended by practitioners who would line up to meet cybersecurity industry rock stars to one that is increasingly business focused. And without question, this change goes hand-in-hand with the new way that companies need to view cybersecurity. Today’s reality is that cybersecurity is now a business must have deemed critical by the CEO and the board. Looking forward, cybersecurity decisions will need to be based on evidence and metrics, not assumptions.
To learn more about how cybersecurity experts from around the globe are validating controls and measuring security effectiveness, join Brian Contos, Verodin’s CISO and Vice President of Technology Innovation, and guests in our Cybersecurity Effectiveness Podcast.