4 takeaways from Black Hat 2019

Experts identified new trends and warned of emerging or growing threats, including security's impact on software development and the growing threat social media poses.

The Black Hat conference not only sheds light on the IT security issues currently plaguing organizations, but the emerging issues that will soon affect people and companies. At the latest Black Hat, held in the Mandalay Bay in Las Vegas in August, industry experts offered their insights on how cybercriminals are upping the ante and what IT security professionals can do to combat the constant and unyielding tide of attacks. Here are some trends that presenters and attendees were talking about: 

1. Security development is software development

In his Black Hat keynote address, Dino Dai Zovi, mobile security lead at Square, discussed how security development has segued into software development. According to Dai Zovi, there are three transformational principles for boosting the impact of security within organizations:

  1. Work backward from the job to be done.
  2. Seek and apply leverage, develop feedback loops and scale with software automation.
  3. Understand that culture trumps strategy and tactics every time.

“Security is still a small community, and the problems that we tackle can be huge,” he said in his keynote. “We must work smarter, not just harder, through better software and better automation.” On the importance of automated feedback loops, Dai Zovi said, “We have to build them explicitly, and the tighter feedback loop wins. We have to build security services for observability, so you can understand if the protections are working and also perform anomaly detection. We have to be able to identify attackers when they’re probing, learning, attacking and succeeding.”

To continue reading this article register now

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!