EXPEL BLOG

Black Hat 2023 roundup: a week to reflect on

· 2 MIN READ · KELLY FIEDLER · AUG 22, 2023 · TAGS: Company news

What happens in Vegas stays in Vegas. Except for this Black Hat round up.

We were pretty stoked for Black Hat 2023. You get to hang with industry colleagues, strut your company’s stuff, listen to what’s on cybersecurity leaders’ minds, and, of course, Vegas Baby.

We did all these things and then some, and now that the dust has settled a bit, we thought it might be helpful to reflect.

Artificial intelligence (AI) is on everybody’s mind.

Which makes sense. This emerging body of technologies and the tactics and practices they make possible have absolutely massive implications for … well, just about everybody.

Fredrik Heiding, a prominent Harvard researcher, closed his day one session by quoting the lead character in the summer’s second biggest movie: “I don’t know if we can be trusted with such a weapon. But we have no choice.” Robert Oppenheimer was talking about nukes, the most dangerous innovation in human history (so far), but the reference to AI wasn’t much of a stretch. What we know about the tech and where it’s headed is sobering. Even more concerning is what we don’t know.

Other speakers, including Black Hat founder Jeff Moss and keynoter Maria Markstedter, founder of Azeria Labs, also emphasized the challenges posed by AI. Defenders are playing catch-up in the AI arms race, she noted, and the skills needed to succeed in this environment are going to change. And keep changing.

While we’re on the subject of skills…

The skills shortage was a big topic on day 2. The industry faces a huge talent deficit, but much of the problem is self-inflicted. Kembe Walden, Acting National Cyber Director, Executive Office of the President, said it’s time for organizations to look past the standard on-paper qualifications that have traditionally defined job searches. Many important skills and character traits that translate well to the security operation center (SOC) don’t show up in a narrow résumé review, and that’s a problem for us all.

Boy, do we agree with that. Have a look at what our CEO wrote in Forbes a few months ago.

And we can’t forget the buzz on vulnerabilities.

There are huge numbers of software vulnerabilities. The number is growing. Many are critical. But 70% of SOCs have a hard time prioritizing what needs patching.

Black Hat attendees—and the industry at large—are buzzing about what’s new, what’s old (and still a problem) and how to patch ‘em. This is why we introduced Expel® Vulnerability Prioritization. See what our vulnerability guru, Matt Jastram, has to say about how helpful it is to security orgs.

We made some noise of our own.

In addition to our announcement on the general availability of Expel Vulnerability Prioritization, we were extra pumped for Black Hat this year because we released the research we sponsored with the Cloud Security Alliance (CSA). Our report, Security-Enabled Innovation and Cloud Trends, revealed some interesting—and sometimes surprising—stats about the role that security plays within the innovation culture of orgs, alongside multi-cloud, cloud migration, and Kubernetes usage trends. I urge you to check it out—and register for our webinar on August 23 while you’re at it.

That’s a wrap on another exciting year at Mandalay Bay. Want to keep the conversation going? We’re always ready to talk about what’s on your mind, so drop us a line anytime.