Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Careers & People

8/20/2020
10:30 AM
Jeff Wilson
Jeff Wilson
Commentary
Connect Directly
Twitter
RSS
E-Mail vvv
50%
50%

Black Hat USA 2020 Musings: Weird and Wonderful Virtual Events are Here to Stay

Black Hat USA 2020 was nothing like an in-person event, but it was incredibly useful for all involved, providing even the most grizzled industry veterans with fresh perspectives.

In the first week of August 2020, as I prepped my kids for the start of virtual 7th and 12th grade, I attended my first full virtual conference.

To its credit, Black Hat USA 2020 turned hard left once it was clear that large live events wouldn’t be happening in the second half of 2020, and what they managed to pull off was nothing short of a miracle. Even if, from an analyst’s perspective, the event was nothing like an in-person event, it was incredibly useful for all involved.

Walking downstairs to my makeshift living room office was weird. But was it weirder than walking through a casino at 7:00am to spend a day meeting with cybersecurity technology vendors? Considering I’ve been attending conferences like Black Hat for a quarter of a century, yes, it was weird.

But then I did something that I haven’t done in at least 15 years: I went to a keynote.

You see, typically the first morning (and every other morning) of a show is spent hustling from a hotel suite breakfast meeting to a second breakfast meeting at the buffet at Mandalay Bay. In these meetings, I catch up with old friends and customers, talking about the show and what they’re announcing.

Keynotes are often little more than hot wind from big-dollar sponsors. But not at Black Hat. This year's day one keynote came from a Georgetown professor of computer science and law, and it was about election integrity. I spent an hour developing a new level of anxiety about the 2020 U.S. presidential election, learning from a speaker with deep knowledge of this critical issue.

As it seemed that most vendors staffed their booths with salespeople, I didn’t have the same networking opportunities an in-person conference would have presented, so I dove into more sessions on a wide range of topics, such as how to defend containers (like a ninja), more on election security, reverse engineering Tesla batteries, and adversarial use of AI and ML.

Wednesday's locknote wrap-up session came fast, and the discussion gave me a second list of sessions I needed to go back to and watch on demand.

I woke up Thursday morning excited to tune into the second day keynote; Renée DiResta from Stanford’s Internet Observatory was presenting a session titled “Hacking Public Opinion,” and this one session made the entire event for me.

DiResta offered a deep and thoughtful discussion about the information operations capabilities of China and Russia, the techniques they are using to sow discord outside their borders, and the ways they manipulate public opinion in their own countries. This “fake news” discussion was revelatory and powerful and frankly should be made public for the world to see, especially ahead of the November election in the U.S.

The rest of Thursday was much like the rest of day one. I attended more briefings and a few sponsored sessions (most of which were delightfully technical and not just thinly veiled sales pitches).

The day two locknote discussion gave me a second list of sessions to watch on demand, but I couldn’t stop thinking about DiResta’s presentation and the implications of it. And that’s weird as well. I attended a technical conference on cybersecurity, and I walked away with significant conclusions about democracy, voting, and disinformation that have personal, global, and political implications.

So yes, Black Hat USA 2020 virtual was weird. But it was a good kind of weird. It felt like the first conferences I attended 25 years ago as a junior analyst, when I was just looking to learn as much as I could.

In the end, this new way to do Black Hat mirrored my personal COVID-19 experience; it gave me a chance get off the relentless commercial treadmill of being an industry analyst, to slow down and learn something new.

As I compare the overall experience at Black Hat USA 2020 with the last large conference I attended in San Francisco right before shelter-in-place started, I greatly prefer Black Hat—and not just because I got to wear shorts and see my kids before and after the event.

As a write this, I just found out that California has been warned about the possibility of a fire tornado, and I had to do a quick search, because that sounds straight out of Pokémon. But that’s 2020 for you, the year where everything was weird.

Jeff has more than 25 years of experience analyzing the cybersecurity technology market and providing guidance to vendors. He possesses one of the longest-running and most accurate forecast track records in cybersecurity technology, with forecast models dating back to ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
NSA Appoints Rob Joyce as Cyber Director
Dark Reading Staff 1/15/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This is not what I meant by "I would like to share some desk space"
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-3686
PUBLISHED: 2021-01-21
Possible memory out of bound issue during music playback when an incorrect bit stream content is copied into array without checking the length of array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobi...
CVE-2020-3687
PUBLISHED: 2021-01-21
Local privilege escalation in admin services in Windows environment can occur due to an arbitrary read issue in XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
CVE-2020-3691
PUBLISHED: 2021-01-21
Possible out of bound memory access in audio due to integer underflow while processing modified contents in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon We...
CVE-2020-11167
PUBLISHED: 2021-01-21
Memory corruption while calculating L2CAP packet length in reassembly logic when remote sends more data than expected in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Weara...
CVE-2020-11179
PUBLISHED: 2021-01-21
Arbitrary read and write to kernel addresses by temporarily overwriting ring buffer pointer and creating a race condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon ...