In the first week of August 2020, as I prepped my kids for the start of virtual 7th and 12th grade, I attended my first full virtual conference.
To its credit, Black Hat USA 2020 turned hard left once it was clear that large live events wouldn’t be happening in the second half of 2020, and what they managed to pull off was nothing short of a miracle. Even if, from an analyst’s perspective, the event was nothing like an in-person event, it was incredibly useful for all involved.
Walking downstairs to my makeshift living room office was weird. But was it weirder than walking through a casino at 7:00am to spend a day meeting with cybersecurity technology vendors? Considering I’ve been attending conferences like Black Hat for a quarter of a century, yes, it was weird.
But then I did something that I haven’t done in at least 15 years: I went to a keynote.
You see, typically the first morning (and every other morning) of a show is spent hustling from a hotel suite breakfast meeting to a second breakfast meeting at the buffet at Mandalay Bay. In these meetings, I catch up with old friends and customers, talking about the show and what they’re announcing.
Keynotes are often little more than hot wind from big-dollar sponsors. But not at Black Hat. This year's day one keynote came from a Georgetown professor of computer science and law, and it was about election integrity. I spent an hour developing a new level of anxiety about the 2020 U.S. presidential election, learning from a speaker with deep knowledge of this critical issue.
As it seemed that most vendors staffed their booths with salespeople, I didn’t have the same networking opportunities an in-person conference would have presented, so I dove into more sessions on a wide range of topics, such as how to defend containers (like a ninja), more on election security, reverse engineering Tesla batteries, and adversarial use of AI and ML.
Wednesday's locknote wrap-up session came fast, and the discussion gave me a second list of sessions I needed to go back to and watch on demand.
I woke up Thursday morning excited to tune into the second day keynote; Renée DiResta from Stanford’s Internet Observatory was presenting a session titled “Hacking Public Opinion,” and this one session made the entire event for me.
DiResta offered a deep and thoughtful discussion about the information operations capabilities of China and Russia, the techniques they are using to sow discord outside their borders, and the ways they manipulate public opinion in their own countries. This “fake news” discussion was revelatory and powerful and frankly should be made public for the world to see, especially ahead of the November election in the U.S.
The rest of Thursday was much like the rest of day one. I attended more briefings and a few sponsored sessions (most of which were delightfully technical and not just thinly veiled sales pitches).
The day two locknote discussion gave me a second list of sessions to watch on demand, but I couldn’t stop thinking about DiResta’s presentation and the implications of it. And that’s weird as well. I attended a technical conference on cybersecurity, and I walked away with significant conclusions about democracy, voting, and disinformation that have personal, global, and political implications.
So yes, Black Hat USA 2020 virtual was weird. But it was a good kind of weird. It felt like the first conferences I attended 25 years ago as a junior analyst, when I was just looking to learn as much as I could.
In the end, this new way to do Black Hat mirrored my personal COVID-19 experience; it gave me a chance get off the relentless commercial treadmill of being an industry analyst, to slow down and learn something new.
As I compare the overall experience at Black Hat USA 2020 with the last large conference I attended in San Francisco right before shelter-in-place started, I greatly prefer Black Hat—and not just because I got to wear shorts and see my kids before and after the event.
As a write this, I just found out that California has been warned about the possibility of a fire tornado, and I had to do a quick search, because that sounds straight out of Pokémon. But that’s 2020 for you, the year where everything was weird.Jeff has more than 25 years of experience analyzing the cybersecurity technology market and providing guidance to vendors. He possesses one of the longest-running and most accurate forecast track records in cybersecurity technology, with forecast models dating back to ... View Full Bio