
Infrastructure Security

7/31/2017
01:40 PM
Curtis Franklin

Five Words for Black Hat

The Black Hat 2017 conference could be summed up in five words: Should there be more?

Black Hat 2017 has come and gone, and attendees have scattered to the winds, going home to count their new t-shirts, run exhaustive anti-malware passes on their devices and take stock of everything they learned at the conference.

Looking back at the meetings and conversations I had at Black Hat, five words stand out. It's not that these were the only things discussed, by any means, but there were five words that cropped up in many conversations -- and were subtext in many others. In total, these five words sum up a host of nightmare scenarios -- and potential solutions -- for security professionals.

The interest and impact, though, go far beyond the world of security. There's no question that the general awareness of security issues has grown exponentially in the last decade. That awareness hasn't been accompanied by a rise in overall security, but hope truly springs eternal. So in the hopeful spirit of Black Hat's aftermath, five words to ponder as we gaze into security's future.

Visibility -- If there's one thing that just about everyone at Black Hat agreed upon, it was that CIOs and their management teams have no real clue what their networks look like or what's happening on them. That ignorance gives a huge advantage to criminals who take the time to explore the network as it currently exists and take advantage of the weaknesses and vulnerabilities they find.

In most cases, the experts said, company executives know what the network looked like on the day it was installed or at the time of the most recent major update. What companies need, everyone agreed, is the willingness and budget to know what their network looks like today, from the devices making up the network to those that use it, to the software running on all those devices. It's a daunting task, but absolutely the foundation of any real hope of security.

Diversity -- In the keynote address, Facebook CSO Alex Stamos talked about the need for greater diversity in people, background and thinking if security professionals are going to meet the challenges posed by next-generation criminals.

Criminal hackers will try approaches no one on the legitimate side has considered, and that's where the diversity comes into play. Greater diversity means more avenues of thought and imagination that can be applied to research and security approaches in the search for protection, prevention and remediation -- the three goals for pretty much everyone in security.

Expansion -- What do we mean when we use the word "security"? One of the things people were talking about was the possibility -- and ramifications -- of expanding the definition to include more human behavior topics, from social engineering to social media abuse. In many ways, it makes sense: If you define a security issue as something that causes harm to individuals or the organization, then it makes sense for security professionals to consider it part of their portfolio. On the other hand, actions traditionally labelled "abuse" tend to fall into HR's laps more than security. Should that change? What would it mean if it did? Those are the sort of questions the community will be wrestling with over the coming months.


Critical -- As in "critical infrastructure." We've known that water systems, the power grid, energy production sites and other facilities with huge impact footprints have long been targets for attackers. In conversations with researchers at Black Hat, many expressed concern that the attackers are getting better and, as critical infrastructure gets "smarter," attack surfaces multiply. Attacks in the Ukraine have shown that successful breaches of critical infrastructure systems are possible; the question is whether security professionals around the world have done enough to harden the systems under their care. Betting seems to be that the answer is "no."

War -- That computers and networks are now both the targets and instruments of war surprises no one. The worry is that the scope of warfare is rapidly increasing and "collateral damage" will be spreading. In addition, as economic warfare increases, more and more organizations will find themselves targets -- even organizations that have always considered themselves too small, or too inconspicuous, to find themselves on a nation-state target list.

Military operations use military-grade weapons, and the cyber world is no exception. The professionals are girding themselves for response when the wheels of war turn in their direction: When truly massive strikes begin, it's liable to get ugly for a lot of organizations, for a long time.

Those are the five key words I heard: What did you hear from Black Hat that would make your list? Let us know in the comments -- Black Hat is big enough to ensure that any individual is going to miss at least one thing of importance!

— Curtis Franklin is the editor of SecurityNow.com. Follow him on Twitter @kg4gwa.
