That’s a wrap! Top 3 takeaways from Black Hat
Even with Vegas in the rearview mirror, we’re still reeling from the excitement of our first time exhibiting at Black Hat USA. Mandalay Bay buzzed with the energy of a community nostalgic for its days at summer camp—Hacker Summer Camp, that is.
This year’s event felt especially energized with more people, exhibitors, and fun.
Our friendly bots, Josie™ and Ruxie™, joined us on the show floor (plushies, anyone?), and we chatted with friends old and new about our approach to security. Then, through lots and lots of demos, we showed why we believe security can even be delightful.
Now that the dust has settled and our suitcases are (mostly) unpacked, here are some of our big takeaways.
1. Having your head in the clouds might not be such a bad thing…
Cloud security continues to gain momentum as a hot conference topic across the industry—and for good reason. In his keynote address, Chris Krebs of the Krebs Stamos Group, former director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), touched on this increasingly complex issue.
He argued the pandemic drove an accelerated move to cloud infrastructures, creating larger ecosystems where productivity and ease tend to win over security. Cybercriminals understand this shift, so defenders must be ready.
It’s part of the reason we just released this handy guide to mapping the MITRE ATT&CK Framework to Google Cloud Platform (GCP). We’re sharing the lessons we’ve learned through our own investigations to help you and your team tackle GCP incident investigations—so we can take on the cloud, together. (And if you’re operating in Amazon Web Services (AWS) or Azure, don’t sweat it—we’ve got you covered with our AWS Mind Map and Azure Guidebook.)
2. (Cyber) history repeats itself—it’s up to us to look for the signs.
Kim Zetter, author and investigative journalist, reminded us that we’ve seen a lot of the same warning signs about cyber risk before. According to Zetter, the 2010 discovery of Stuxnet triggered a shift in cybercrime—opening the eyes of the community to the link between cybersecurity and national security. But despite the incredible advancements the industry has made since Stuxnet, many organizations still suffer from major, preventable incidents because they didn’t heed the warning signs.
At Expel, we’ve also seen this pattern of attackers relying on tried-and-true techniques across our customer base. Our recent research revealed a shift in pre-ransomware activity, as attackers opted for older techniques to combat new changes by Microsoft (more on this in our Expel Quarterly Threat Report).
We’re seeing threat actors continue to use old techniques instead of adopting new ones. Why? Because it works. But there’s a silver lining: if we continue information sharing across the growing community of cybersecurity defenders, then we have a better chance at seeing the writing on the wall and identifying signs of potential threats before they cause harm. (Hint: this is the goal behind our quarterly threat reports.)
3. It’s going to take a village.
Community reigned as the overarching theme of the week. This thread ran through keynotes and briefings alike, as this tight-knit community of defenders steadily grows alongside the threats we face. We heard from industry icons, including Jeff Moss, the founder of Black Hat himself, about the new team emerging when it comes to cybersecurity: the community of people using their roles in cybersecurity to improve the world.
Moss noted that businesses responding to the Russian invasion of Ukraine demonstrated the cybersecurity industry’s significant influence in the world, as some companies turned off access to their services or shut down their websites.
The point? We’re part of an influential community with the power to do some good in the world—but it’s going to take us working together to get there.
Now that it’s all said and done, we’re already counting down the days until it’s time to pack our bags and head back to camp! Ahead of the show, we shared the product advancements, resources, and capabilities we’ve been hard at work on, and we can’t wait to keep the excitement rolling. Want to know more about how we do what we do? Reach out anytime.