Black Hat 2021 happened. Last week saw thousands of folks descend upon the desert to learn about the latest trials, tribulations, and triumphs in cybersecurity. A contingent of Code42 was on the ground, and during the time not devoted to wearing the most orange shirts at the conference, we took the opportunity to attend briefings and interact with attendees.
There was plenty to keep us busy with the impromptu “Insider Track” focused on Insider Risk adjacent themes. GPT3, DeepFakes, and Action Bias are now added to the list of things keeping us up at night. That said, there was plenty else going on at the conference. Over the two days of briefings and keynotes, these are the things that stood out:
JC|DC – Same Song, New Verse?
In Thursday morning’s keynote session, incoming Director of CISA Jen Easterly (who is taking over from someone speaking at Insider Risk Summit ) announced the creation of the Joint Cyber Defense Collaborative (JCDC). The private/public initiative will “bring together public and private sector entities to unify deliberate and crisis action planning while coordinating the integrated execution of these plans.” This is a fantastic idea. It also sounds a little bit like it’s a CERT-by-another name but this time the feds are involved. “We’re from the government and we’re here to help” is something that the hacker roots of Black Hat (and DEF CON) may not take too kindly to. This new cooperative will likely be met with skepticism by many in the community including Wednesday’s keynote speaker, Matt Tait, who pointedly stated “The government is not coming to save you” in his keynote the day before Director Easterly took the virtual stage.
Personally, I’m looking forward to seeing how JCDC develops and hopefully contributes to the cybersecurity of private and public entities in the United States and (given that many of JCDC’s launch partners are multi-national) globally.
Pandemic Still on Full Display
The business hall had slimmed down significantly, it was possible to transit between briefings within the allotted break-time, masks were worn, and I didn’t wind up at a hotel 5 miles up the strip. Those were the most obvious signs of the lasting impact of the COVID-19 pandemic upon Black Hat 2021.
Less obviously, many of the vendors who showed up were leaning hard into Zero Trust as THE solution to the woes of remote work and the pandemic. So much so that Zero Trust was one of the “buzzword bingo” selections from Jeff Moss and the CFP review board at Wednesday’s Locknote session. Even while acknowledging that the phrase has become a buzzword and may be a rebrand of “principle of least privilege,” the panel acknowledged that it has value in educating and influencing C-Level decision makers on the importance of security and making concepts more easily digestible to new audiences.
People Are Scarce…and Tired
“Optimizing the human is always such a really fascinating thing because at the end of the day, I think security is still rooted in humans” concluded Director of Strategic Cybersecurity and Communications at Intel and Black Hat CFP Review Board Member Stephanie (Preston) Domas during the closing keynote on Wednesday. The discussion had entered the realm of “what’s the biggest problem” territory and the simple answers were still: there’s a cyber-skills shortage, those people that are around are burnt out, and the attackers will not let up. Domas continued by saying that it’s increasingly important to find ways to separate the signal from the noise of telemetry, alerts, and frankly, logs.
So, how does one combat this burnout problem? Well, if you ask us, we’ve got some ideas on how to make Insider Risk easier to manage, but at its core, investment in cyber-education, scholarships, and new talent is the only solution to this problem. Though, that isn’t going to help those who are feeling the tap of burnout on their shoulders now.