What to Expect at Black Hat 2019

The Black Hat conference—held annually during the summer in Las Vegas—is one of the largest cybersecurity events. It’s the “yin” to the RSA Conference’s “yang.” While both are cybersecurity conferences, each has a unique flavor to it. So, what can you expect at Black Hat 2019?

The Dark(er) Side of Cybersecurity

For those who may not be familiar with the stereotypes, those who wear black hats are traditionally the bad guys. Watch any old Western movie and you will generally find the town sheriff or hero wearing a white hat, while the shady and unsavory criminal characters wear the black hats. The world of cybersecurity adopted these stereotypes as well—with white hats being the benevolent security researchers and developers, and black hats being the cyber criminals. There are also some referred to as gray hats. Gray hats are not cyber criminals per se but have a more tenuous understanding of laws and ethics when it comes to poking around.

Based on those broad definitions, I would say it’s a bit of a misnomer to call this conference Black Hat. It is more gray hat at best. Where the RSA conference has a very vendor-centric focus and offers cybersecurity companies an opportunity to show off their products and capabilities, Black Hat is aimed more at the hackers and cybersecurity professionals working in the trenches. The general focus of the keynotes and presentations revolves around actual hacks and exploits.

Companies and researchers often unveil shocking discoveries at Black Hat. In 2010, Barnaby Jack—who is unfortunately no longer with us—amazed and delighted the Black Hat audience with a hack of an ATM that cause it to just spew cash. In 2016, Charlie Miller and Chris Valasek demonstrated exploits capable of remotely hacking a Jeep and taking control of the accelerator, brakes, steering and parking brake while the vehicle was moving. In 2018, researchers showed that pacemakers and insulin pumps are vulnerable to remote attacks.

According to a recent Threatpost article, researchers from IOActive will unveil concerning findings from reverse-engineering a Boeing 787 “Dreamliner” aircraft. The teaser suggests that researchers found several vulnerabilities that could allow an attacker to compromise the security of the plane’s network and possibly mess with in-flight safety mechanisms or other crucial systems.

Alert Logic is Here to Help

It can be an enlightening experience for sure. We’re used to dealing with cybersecurity in a more theoretical or esoteric way. Patching vulnerabilities and implementing endpoint protection to guard against the ransomware attack du jour seem almost trivial when you realize there are exploits out there that can literally kill somebody. After you attend briefing sessions like that, it’s easy to feel a bit exposed and overwhelmed.

Clever stunts aside, Black Hat provides a tremendous amount of insight into emerging threats and attack techniques that organizations must face on a daily basis. Black Hat attendees are there to learn about new research and trends in cyber attacks so they can protect against the rising tide of ransomware and cryptojacking, and address vulnerabilities and web application security, and figure out how to be more vigilant and monitor everything more effectively.

Thankfully, Black Hat still offers the vendor side of things as well. You can head over to the expo hall to talk with cybersecurity experts and find out what the vendors have to offer to help you guard against a constantly expanding and shifting threat landscape.

Alert Logic will be there. Please come by Booth 1438 to learn about SIEMless Threat Management, and how Alert Logic combines platform, intelligence, and experts to provide customers with effective cybersecurity—the kind that gives you some confidence and peace of mind.

 

About the Author

Tony Bradley - Senior Manager of Content Marketing for Alert Logic

Tony Bradley

Tony Bradley is Senior Manager of Content Marketing for Alert Logic. Tony worked in the trenches as a network administrator and security consultant before shifting to the marketing and writing side of things. He is an 11-time Microsoft MVP in security and cloud and has been a CISSP-ISSAP since 2002. Tony has authored or co-authored a dozen books on IT and IT security topics, and is a prolific contributor to online media sites such as Forbes and DevOps.com. He has established a reputation for effective content marketing, and building and engaging a community and social media audience.

Connect | Email Me | More Posts by Tony Bradley