Black Hat 2017 has come and gone, and attendees have scattered to the winds, going home to count their new t-shirts, run exhaustive anti-malware passes on their devices and take stock of everything they learned at the conference.
Looking back at the meetings and conversations I had at Black Hat, five words stand out. It's not that these were the only things discussed, by any means, but there were five words that cropped up in many conversations -- and were sub-text in many others. In total, these five words sum up a host of nightmare scenarios -- and potential solutions -- for security professionals.
The interest and impact, though, go far beyond the world of security. There's no question that the general awareness of security issues has grown exponentially in the last decade. That awareness hasn't been accompanied by a rise in overall security, but hope truly springs eternal. So in the hopeful spirit of Black Hat's aftermath, five words to ponder as we gaze into security's future.
Visibility -- If there's one thing that just about everyone at Black Hat agreed upon, it was that CIOs and their management teams have no real clue what their networks look like or what's happening on them. That ignorance gives a huge advantage to criminals who take the time to explore the network as it currently exists and take advantage of weaknesses and vulnerabilities it finds.
In most cases, the experts said, company executives know what the network looked like on the day it was installed or at the time of the most recent major update. What companies need, everyone agreed, is the willingness and budget to know what their network looks like today, from the devices making up the network to those that use it, to the software running on all those devices. It's a daunting task, but absolutely the foundation of any real hope of security.
Diversity -- In the keynote address, Facebook CSO Alex Stamos talked about the need for greater diversity in people, background and thinking if security professionals are going to meet the challenges posed by next-generation criminals.
Criminal hackers will try approaches no one on the legitimate side has considered, and that's where the diversity comes into play. Greater diversity means more avenues of thought and imagination that can be applied to research and security approaches in the search for protection, prevention and remediation -- the three goals for pretty much everyone in security.
Expansion -- What do we mean when we use the word "security"? One of the things people were talking about was the possibility -- and ramifications -- of expanding the definition to include more human behavior topics, from social engineering to social media abuse. In many ways, it makes sense: If you define a security issue as something that causes harm to individuals or the organization, then it makes sense for security professionals to consider it part of their portfolio. On the other hand, actions traditionally labelled "abuse" tend to fall into HR's laps more than security. Should that change? What would it mean if it did? Those are the sort of questions the community will be wrestling with over the coming months.
Track the heartbeat of the virtualization movement with Light Reading at the NFV & Carrier SDN event in Denver. There's still time to register for this exclusive opportunity to learn from and network with industry experts -- communications service providers get in free!
Critical -- As in "critical infrastructure." We've known that water systems, the power grid, energy production sites and other facilities with huge impact footprints have long been targets for attackers. In conversations with researchers at Black Hat, many expressed concern that the attackers are getting better and, as critical infrastructure gets "smarter," attack surfaces multiply. Attacks in the Ukraine have shown that successful breaches of critical infrastructure systems are possible; the question is whether security professionals around the world have done enough to harden the systems under their care. Betting seems to be that the answer is "no."
War -- That computers and networks are now both the targets and instruments of war surprises no one. The worry is that the scope of warfare is rapidly increasing and "collateral damage" will be spreading. In addition, as economic warfare increases, more and more organizations will find themselves targets -- even organizations that have always considered themselves too small, or too inconspicuous, to find themselves on a nation-state target list.
Military operations use military-grade weapons, and the cyber world is no exception.The professionals are girding themselves for response when the wheels of war turn in their direction: When truly massive strikes begin, it's liable to get ugly for a lot of organizations, for a long time.
Those are the five key words I heard: What did you hear from Black Hat that would make your list? Let us know in the comments -- Black Hat is big enough to insure that any individual is going to miss at least one thing of importance!
— Curtis Franklin is the editor of SecurityNow.com. Follow him on Twitter @kg4gwa.