Expel insider · 3 MIN READ · BROOKE MCCLARY AND MATT JASTRAM · AUG 15, 2024 · TAGS: Company news / Planning / Vulnerability
TL;DR
- Election infrastructure is critical infrastructure, and is a good exercise in cybersecurity readiness
- Vulnerabilities are a hot topic, and the defenses to mitigate them and data divulged can be used to inform strategy
- Expel published a new ebook on burnout
This year’s DEFCON badge—a raspberry Pi RP2350-powered badge—was worth the 40-minute walk in 105 degree weather.
Black Hat 2024 has officially wrapped, and once again it seems like the cybersecurity event of the summer is back to full strength post-COVID. The attendance level, content, swag (we’re looking at you, Raspberry Pi DEFCON badge), and presentations didn’t disappoint.
After attending Black Hat, BSides, and DEFCON, it’s clear that all the hot topics of 2024 are all pointing towards a shift in cybersecurity—a renewed focus on proactive strategization. In the current state of the world, a strong defense is typically a great cybersecurity strategy. But as the industry matures, security leaders are leaning into familiar frameworks like NIST, MIT, and ICU to evaluate their current cybersecurity infrastructure.
These evaluations will lead to the adoption of new approaches for reducing noise and increasing prioritization and accuracy with tools like AI, vulnerability data, and more. We explored all of those at Black Hat this year.
Election infrastructure is a critical infrastructure
It’s a presidential election year in the US, so voter fraud, election integrity, and political threat actors are all part of the common discourse that heightens every four years here. The keynote focused on the fight for secure elections—and not just in the US—and its impact on cybersecurity.
The expert panel, made up of representatives from the Cybersecurity and Infrastructure Security Agency (CISA), European Union Agency for Cybersecurity (ENISA), the National Cyber Security Centre (NCSC), and the Associated Press shared a few things worth remembering:
- Threat actors are entrepreneurial, and they learn from other agencies
- While election events are disruptive, they don’t affect the integrity of the votes cast, or of the count
- The conversation is about the integrity of the voting process, but the real threat is the discord it sows
And while AI hasn’t gone anywhere, it’s morphed into less of an unknown and more of a double-edged sword. It improves the technology vendors use to fight back and build resilience against cyber attacks, but it also can exacerbate current threats—both in the election cycle, and by improving the current skill sets of bad actors.
One key takeaway from these conversations is that evaluating your org’s security maturity isn’t just quantitative. There are key qualitative metrics orgs should meet too, like understanding the nuance between a cyber threat and the conversations surrounding it, or knowing the limitations and capabilities of AI.
Vulnerabilities are everywhere—in tools and as a conversation topic
From Black Hat to DEFCON, vulnerability-specific sessions were popular as security pros continue to lean in and learn how to address the heaps of vulnerability data available to assist in risk evaluation and mitigation strategies. At Black Hat, Tenable had short presentations on the Exploit Prediction Scoring System (EPSS) and the relevance of score fluctuations. (Spoiler alert: they can be used to reduce vulnerability noise within your program, and guide prioritization for remediation).
DEFCON also had several technical sessions on specific vulnerabilities, like AssumeRole in AWS accounts and Outlook remote code execution (RCE). These sessions provided valuable insights, sharing lessons learned, and strategies for future protection against these threats. Cybersecurity is a team sport, so learning sessions like these about the latest exploit techniques are critical for combating common cyber threats.
Expel addresses burnout
Expel also introduced some new data at Black Hat this year. We published our ebook, Unplug your team: combating cybersecurity burnout. It features tips for identifying and addressing burnout in the industry, as well as some key new insights from our customers. Here’s some of what we’ve learned:
- 100% of respondents agree that managed detection and response (MDR) services can help alleviate stress and burnout
- 95% of respondents say that Expel MDR provides peace of mind when they take time off
- 90% of users surveyed say their ability to identify security threats and risk has improved since deploying Expel
If you’re interested in exploring how Expel can help mitigate burnout and reduce stress, you can reach us here.
And keep an eye out for more coming soon on how vulnerability data can be used to inform your alert and prioritization strategy.
