Last week, I attended my first Black Hat event, Black Hat USA 2018, where attendees from around the world converged on the Las Vegas Strip to discuss the latest in information security research, development, risks, and trends. For two days, I networked with security professionals, explored vendor booths, attended various briefings/sessions, and enjoyed sponsor parties. After a weekend of recovery and reflection, I’ve come up with a few takeaways:
Black Hat should be treated primarily as a networking event. While the sessions and booths were interesting, I benefited the most from meeting, mingling, and networking with security professionals at all career levels, academia, world-class researchers, and leaders in the public and private sectors. As a veteran transitioning into cybersecurity, this was a tremendous opportunity for me to expand my network.
Black Hat is a marathon, not a sprint. Endurance and discipline are required to successfully navigate this two-day desert trek. With briefings and events spread out across the convention center, different restaurants, and The Strip, it feels like I walked over 26 miles. Plus, if not careful, the late-night vendor parties and temptations of The Strip can veer you off course for day two.
“Attackers have strategies but defenders only seem to have tactics.” As Jeff Moss expressed in his keynote remarks, the industry seems to be focused only at the tactical level. The Business Hall featured a range of specialized security products and solutions that were mostly more of the same endpoint, network, email, and cloud controls. This overwhelming selection of tactical tools makes it very difficult for organizations to develop a holistic security strategy supported by an integrated security stack.
Verodin holistically monitors an organization’s environment and delivers the evidence needed to measure, manage, and improve cybersecurity effectiveness in order to mitigate business and financial risk from cyber. Verodin's Security Instrumentation Platform (SIP)’s dashboards and reports enable the user to identify high-level areas of weakness and strength, as well as targets for optimization. By removing assumptions and testing/challenging controls, Verodin SIP is foundational to all aspects of cybersecurity across people, processes, and technologies.
Black Hat USA 2018 was an incredible experience and I met so many security professionals dedicated to elevating the role of cybersecurity within their organizations. Verodin is focused on elevating cybersecurity from the perception of a "magic black box" to an evidence-based, data-driven business function. To learn more, request a demo here.