Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Careers & People

8/20/2020
10:30 AM
Jeff Wilson
Jeff Wilson
Commentary
Connect Directly
Twitter
RSS
E-Mail vvv
50%
50%

Black Hat USA 2020 Musings: Weird and Wonderful Virtual Events are Here to Stay

Black Hat USA 2020 was nothing like an in-person event, but it was incredibly useful for all involved, providing even the most grizzled industry veterans with fresh perspectives.

In the first week of August 2020, as I prepped my kids for the start of virtual 7th and 12th grade, I attended my first full virtual conference.

To its credit, Black Hat USA 2020 turned hard left once it was clear that large live events wouldn’t be happening in the second half of 2020, and what they managed to pull off was nothing short of a miracle. Even if, from an analyst’s perspective, the event was nothing like an in-person event, it was incredibly useful for all involved.

Walking downstairs to my makeshift living room office was weird. But was it weirder than walking through a casino at 7:00am to spend a day meeting with cybersecurity technology vendors? Considering I’ve been attending conferences like Black Hat for a quarter of a century, yes, it was weird.

But then I did something that I haven’t done in at least 15 years: I went to a keynote.

You see, typically the first morning (and every other morning) of a show is spent hustling from a hotel suite breakfast meeting to a second breakfast meeting at the buffet at Mandalay Bay. In these meetings, I catch up with old friends and customers, talking about the show and what they’re announcing.

Keynotes are often little more than hot wind from big-dollar sponsors. But not at Black Hat. This year's day one keynote came from a Georgetown professor of computer science and law, and it was about election integrity. I spent an hour developing a new level of anxiety about the 2020 U.S. presidential election, learning from a speaker with deep knowledge of this critical issue.

As it seemed that most vendors staffed their booths with salespeople, I didn’t have the same networking opportunities an in-person conference would have presented, so I dove into more sessions on a wide range of topics, such as how to defend containers (like a ninja), more on election security, reverse engineering Tesla batteries, and adversarial use of AI and ML.

Wednesday's locknote wrap-up session came fast, and the discussion gave me a second list of sessions I needed to go back to and watch on demand.

I woke up Thursday morning excited to tune into the second day keynote; Renée DiResta from Stanford’s Internet Observatory was presenting a session titled “Hacking Public Opinion,” and this one session made the entire event for me.

DiResta offered a deep and thoughtful discussion about the information operations capabilities of China and Russia, the techniques they are using to sow discord outside their borders, and the ways they manipulate public opinion in their own countries. This “fake news” discussion was revelatory and powerful and frankly should be made public for the world to see, especially ahead of the November election in the U.S.

The rest of Thursday was much like the rest of day one. I attended more briefings and a few sponsored sessions (most of which were delightfully technical and not just thinly veiled sales pitches).

The day two locknote discussion gave me a second list of sessions to watch on demand, but I couldn’t stop thinking about DiResta’s presentation and the implications of it. And that’s weird as well. I attended a technical conference on cybersecurity, and I walked away with significant conclusions about democracy, voting, and disinformation that have personal, global, and political implications.

So yes, Black Hat USA 2020 virtual was weird. But it was a good kind of weird. It felt like the first conferences I attended 25 years ago as a junior analyst, when I was just looking to learn as much as I could.

In the end, this new way to do Black Hat mirrored my personal COVID-19 experience; it gave me a chance get off the relentless commercial treadmill of being an industry analyst, to slow down and learn something new.

As I compare the overall experience at Black Hat USA 2020 with the last large conference I attended in San Francisco right before shelter-in-place started, I greatly prefer Black Hat—and not just because I got to wear shorts and see my kids before and after the event.

As a write this, I just found out that California has been warned about the possibility of a fire tornado, and I had to do a quick search, because that sounds straight out of Pokémon. But that’s 2020 for you, the year where everything was weird.

Jeff has more than 25 years of experience analyzing the cybersecurity technology market and providing guidance to vendors. He possesses one of the longest-running and most accurate forecast track records in cybersecurity technology, with forecast models dating back to ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/25/2020
9 Tips to Prepare for the Future of Cloud & Network Security
Kelly Sheridan, Staff Editor, Dark Reading,  9/28/2020
Malware Attacks Declined But Became More Evasive in Q2
Jai Vijayan, Contributing Writer,  9/24/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15216
PUBLISHED: 2020-09-29
In goxmldsig (XML Digital Signatures implemented in pure Go) before version 1.1.0, with a carefully crafted XML file, an attacker can completely bypass signature validation and pass off an altered file as a signed one. A patch is available, all users of goxmldsig should upgrade to at least revisio...
CVE-2020-4607
PUBLISHED: 2020-09-29
IBM Security Secret Server (IBM Security Verify Privilege Vault Remote 1.2 ) could allow a local user to bypass security restrictions due to improper input validation. IBM X-Force ID: 184884.
CVE-2020-24565
PUBLISHED: 2020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the ...
CVE-2020-25770
PUBLISHED: 2020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the ...
CVE-2020-25771
PUBLISHED: 2020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the ...