Anticipating Black Hat USA 2018

I’m about to leave New England and brave temperatures of 110 degrees or above.  It may sound crazy, but I’m actually looking forward to the trip next week.  Why?  I’m heading to Black Hat USA in Las Vegas, and I’m excited to learn more about:

1. Artificial intelligence in cybersecurity. I am hosting a panel at the CISO Summit titled, The Real Impact of AI on Cybersecurity.  As part of this panel discussion, we will cut through the industry hype around AI/ML and talk about how real enterprise organizations are using and benefiting from the technology.  It should be a fruitful and enlightening discussion.
2. The clouding of enterprise security. ESG research indicates that 85% of organizations use public cloud services today, up from 78% in 2017 and 75% in 2016.  As more and more workloads move to the cloud, cybersecurity controls and operations tools must come along for the ride.  This will lead to a radical shift where cloud security dominates the overall cybersecurity strategy, forcing organizations to re-think how security is managed across the enterprise.  Although this trend is in a genesis phase today, I can’t overstate how big a transition this is.  I’m curious to hear how the industry and enterprise organizations are reacting and planning.
3. The new security perimeters. As I’ve written many times, CISOs tell me that they are losing control of their infrastructure, driven by cloud computing and mobility.  As countermeasures to these trends, many organizations are doubling down on ‘new’ security perimeters: Data security and identity management.  This is one reason why Cisco announced its intent to acquire Duo Security just this morning.  My colleague Doug Cahill and I will be monitoring data security and identity management through many discussions with CASB, DLP, and SDP vendors amongst others.  We’ll also be talking to security executives about topics like privacy and GDPR. 
4. The platform wars. New ESG research reveals that 62% of organizations claim that they’d be willing to spend the majority of their security technology budgets with a single enterprise-class cybersecurity vendor.  So, rather than buying endpoint security software, network security appliances, and email and web security gateways and then cobbling things together themselves, enterprises will start buying comprehensive security platforms offering end-to-end coverage across endpoints, networks, data centers, and the public cloud.  This will lead to fewer transactions but bigger potential deals with long sales cycles.  How will vendors like Check Point, Cisco, FireEye, Fortinet, McAfee, Palo Alto Networks, Symantec, and Trend Micro address changing market conditions?  That’s what we want to find out at Black Hat.
5. Enterprise risk management. CISOs are also being asked to do a better job of reporting risk to corporate boards, so they can better understand how cyber-risks can impact the business.  This means presenting cyber-risk status in a business context.  Unfortunately, many CISOs complain that it’s difficult to collect the right data on a continuous basis or turn geeky data points into useful business risk metrics.  I’ll look to the CISO summit and Black Hat at large to gain insight into how CISOs and industry players like BitSight, Kenna Security, Rapid7, RSA, and Tenable Networks that may help bridge this gap. 

Aside from these technology topics, I’m also curious about how organizations are coping with the perpetual cybersecurity skills shortage that I believe is getting worse over time.  This means perusing the Black Hat menu for thoughtful sessions on training and skills development. 

Finally, I’ll be looking for more insight on critical infrastructure protection, a critical yet neglected topic in our industry.  See you all in Las Vegas baby, yeah!