Black Hat 2018 may be behind us, but the trends, conversations and news coming out of the show are still top of mind. The conference was buzzing with cutting-edge topics, from election hacking to “whack-a-mole” security (as dubbed by Parisa Tabriz, director of engineering at Google).
For me, Black Hat is a time to connect with customers, prospects, partners, colleagues and friends to discuss the latest in insider threat management. Typically, during conference season, I come away with a few key takeaways (and free swag) that inform decisions I make for the strategy and management of the organization I run. This year proved to be no different.
Self-driving cars, election hacking and more
Black Hat is one of the top conferences for security professionals to learn about the latest technologies and vulnerabilities to be aware of in the coming year. From the surprising safety of self-driving cars, to new ways to hack into what many thought were secure systems, Black Hat is the spot for the latest innovations, hacking methods and more.
Here are a few of the “hot” new trends I felt were top of mind this year:
- Self-driving car safety: Even with widespread scrutiny over the safety of self-driving cars, famous car hackers Chris Valasek and Charlie Miller showed attendees that they may actually be safer than a typical motor vehicle. They shared that, more often than not, fully automated self-driving cars are restricted to very specific mapped areas, so the car’s internal sensors are well aware of its surroundings. According to Valasek and Miller, these vehicles also leverage known enterprise and industrial best practices to secure the internal vehicle control system from hackers.
- Election hacking: With midterm elections around the corner, it’s no surprise that election hacking was also a major topic of conversation at Black Hat. According to Carsten Schuermann, an associate professor at the IT University of Copenhagen, hacking voting machines is easy, but confirming whether an attack has actually occurred is the hard part. Several common voting machines, including the WinVote machine used in the early 2000s, ran on outdated operating systems that never had any security updates installed. Schuermann noted that finding a vulnerability in one of these machines was akin to finding a needle in a haystack, as there was never a “normal” operating structure established for voting machines.
- Ambiguity around artificial intelligence: Finally, while machine learning and artificial intelligence have been dominating headlines recently, the security community has not definitively determined the best avenue to implement these technologies for success. During Black Hat, many conversations focused on how AI can help cybersecurity professionals, but many argued that this technology can also be utilized just as easily by malicious actors to disrupt and hack systems. Only time will tell how machine learning and AI will impact the cybersecurity community.
Insider threats are the new reality
While securing voting booths and the safety of self-driving cars are some of the hot trends in vulnerability awareness right now, one of the biggest (but perhaps less understood) threats to businesses today and in the future are the malicious or negligent actions of employees. While insider threats may not have made the big headlines, the Black Hat expo floor was buzzing with talk of these threats, in light of recent high-profile incidents caused by insiders at Tesla and Apple.
Over the past few years the concept of the insider threat has moved to the forefront of cybersecurity conversations. This is for good reason. Recent data shows that the average cost of an insider-related incident over a 12-month period is $8.76 million, and it takes more than two months, on average, to contain these incidents. Since 2016, the average number of incidents involving employee or contractor negligence has increased by 26 percent, and by 53 percent for criminal and malicious insiders. The industry data, coupled with recent insider-driven breaches, prove that identifying and mitigating these threats is now mission-critical for all organizations.
Data loss prevention is a throwback technology
Further, despite exciting new technology innovations showcased at Black Hat and a heightened risk environment overall, I’m shocked to see so many organizations still stuck in the past when it comes to how they’re protecting their sensitive data.
For many years, data loss prevention (DLP) tools were the “go-to” solutions to prevent sensitive data from leaking outside the organization, but DLP tools put unnecessary burden on the endpoint and create barriers that make it harder for people to be productive. Additionally, these tools require lengthy deployments, they are complicated to maintain, and they drain an organization’s resources. While they may catch some threats, they are not designed to help security teams investigate or respond effectively, and they don’t have proactive user education built in to reduce accidental misuse. The bottom line is, DLP technology is dated, and simply isn’t sufficient to protect against insider threats.
Goodbye Black Hat… and DLP
Black Hat opened my eyes to new trends within the cybersecurity community, but the standout takeaway for me is that times are changing, and traditional cybersecurity tools are no longer enough to protect an organization’s assets.
Instead of relying on a traditional DLP-based strategy focused exclusively on data, organizations should implement a holistic strategy focused on people, data and analytics. They can start by shifting to an approach that provides full visibility into user actions (including employees, vendors and contractors) and that alerts them in real-time to any out-of-policy actions. This should be coupled with technology that has streamlined processes in place to quickly remediate incidents involving data loss and flexible prevention controls that align with the business goals and ensure a 360-degree organizational view.
What were your key takeaways from the conference? Feel free to reach out on Twitter to let me know your favorite part of Black Hat 2018.