Black Hat USA 2020: Security Trends, Virtual Learnings & Cocktails
Aug 12, 2020 Sarah Lytle
Last week’s Black Hat USA marked the first time in the event’s 23 year history where cybersecurity marketers, executives and elite threat researchers came together virtually. Over the past six months, COVID-19 has impacted nearly every aspect of life and business, so it was expected that most conversations during the event would center around the lasting effects of the pandemic, as it relates to cybersecurity.
The Inkhouse Security Practice kept a close eye on the major trends coming out of the conference, while facilitating a creative, virtual media event during the busy week. Post-show we connected with Tim Wilson, editor-in-chief at Dark Reading, Black Hat’s media sponsor, to hear his thoughts in retrospect. Here’s what we learned:
COVID-19 Sets the Stage
Despite the new format, Black Hat’s steady stream of security research and lineup of notable speakers kept the caliber of the conference on par with years’ past. Black Hat has always been a key forum for information sharing and security networking, but it also serves as a well-watched platform to address the industry’s biggest issues. This year’s sessions could not have been more timely, with topics focused on COVID-19’s relentless pressure on election and healthcare security.
“Black Hat’s 2020 Attendee Survey illustrated that more than 80 percent of security professionals believe that COVID-19 will drive a major shift in cybersecurity risk and enterprise practices, not just for the near term but over the long haul,” said Dark Reading Editor-in-Chief Tim Wilson. “The attendees at Black Hat are seeing this as a sea change in the way businesses communicate.”
Wilson added, “The Black Hat USA team did an amazing job pivoting from a live event to a virtual event in a few short months, and the quality of the content and the audience was remarkable, with over 16,000 attendees. Although it was virtual, Dark Reading filed more content than ever at the show, including four hours of News Desk video interviews and dozens of stories, including advances, live show coverage, and post-show review articles. We did as much coverage as we would have done at a live show, and then some.”
COVID-19 contributes to the already daunting task of election security. Keynote speaker, Matt Blaze, spoke about how the technology and infrastructure we depend on for voting suffers from exploitable vulnerabilities that could be used to cast doubt on the integrity of elections. Blaze concluded with a call to action for attendees to help secure the upcoming election -- a first for election security, but something standard across many industries, from smart home accessories to online banking to medical devices, as manufacturers seek outside help to ensure their systems are secure.
According to Wilson, “Black Hat’s 2020 Attendee Survey indicates that most security professionals believe that external influences will have a major impact on November’s elections. In fact, 31 percent of respondents said that they believe the elections are not only at risk, but the results of the voting will always be in doubt.”
Voting machine-maker Election Systems & Software has stepped up to meet Blaze’s challenge, formally announcing a vulnerability disclosure policy during Wednesday’s Black Hat session. The announcement solidified that third party cooperation can play a major role in securing critical election infrastructure.
Vulnerability research affecting medical devices and systems was a popular topic of the week, with Dr. Alan Michaels, director of the Electronic Systems Lab at the Hume Center for National Security and Technology, speaking Wednesday on security risks associated with implanted smart medical devices, such as pacemakers and insulin pumps. The instruments, if unsecured, could be compromised like other smart devices to listen in on conversations, access classified information, and even expose the location of secure facilities.
There has also been an increased push for the medical community to proactively secure their products and systems, given the rise in ransomware and other attacks targeting the healthcare industry. In parallel, McAfee’s Advanced Threat Research team disclosed new research on medical robots with remotely-exploitable vulnerabilities that could lead to mobile, audio and video tampering on the hospital floor.
Stirring the Creativity: A Virtual Media Cocktail Hour 🍸
As a team specializing in media relations and creative services, the Inkhouse Security Practice couldn’t let this year’s Black Hat go by without capitalizing on the virtual nature of the event. We thought, if we couldn’t all gather in Las Vegas to network this year, why not bring the networking flair into our homes -- through a virtual cocktail hour alongside some of our clients, industry leaders and press.
We kicked off the virtual cocktail hour with a mixologist demoing signature security-themed drinks like the Malware Mule, Hacker-tini and Phish Bowl. We then handed the virtual ‘mic’ over to security influencer, Shira Rubinoff, who held a conversational panel alongside several cybersecurity experts. Topics touched on security trends that may affect remote work, cybercriminals’ latest schemes, and election security, and the panel conversation was captured in a timely SDxCentral article.
The creative event received positive feedback from press and partners, and we were thrilled to bring a little bit of that coveted Black Hat magic into our homes, with a Malware Mule in hand.
Interested in learning more about maximizing your organization’s presence at the next virtual security event? Subscribe to our newsletter or contact a member of our security practice at firstname.lastname@example.org.