Black Hat: the Aftermath and the Possibilities
Cyber Security, Entrepreneurs, Events, High Technology, Innovation Posted Aug 12, 2016 by Kayla Krause
As my colleague Jennifer wrote in her recent blog, last week was an exciting and eventful one for us—and especially our clients attending and presenting at Black Hat USA 2016. For Team CHEN the weeks leading up to the show are packed with scheduling press meetings, coordinating announcements and planning presentations. When Black Hat finally arrives it’s great to see what unfolds and the new technologies and research that people unveil at the Las Vegas conference.
Every year the Black Hat routine seems much the same; the products are newer (or reimagined), and the presenters talk about the same issues and vulnerabilities. In one aspect, however, this year was a little different. After looking over coverage and various presentations, Dan Kaminsky’s keynote stood out. Here’s why.
Black Hat is not just a security conference; it’s not just a tradeshow to network and show off your products and services; it’s not just an excuse to get free food, drinks and swag from other vendors, and enjoy some of the Vegas amenities on the company expense account. But rather, Black Hat is an opportunity for security experts and companies to work together to figure out this whole security thing.
And that was the main point of Dan Kaminsky’s message. The internet needs to be saved. Right now it’s a mess and, because of that, people are starting to lose trust because it is not a safe place to be or do business (i.e. breach after breach after breach). In his IDG.tv interview with Fahmida Rashid, Kaminsky cites a new National Telecommunications & Information Administration (NTIA) study that found half of the American population fears the internet due to unknown security risks. Their willingness (myself included) to embrace new technologies is at an all-time low due to the vulnerabilities and security factors.
Kaminsky challenged the infosec world to move past the supposition that there is an inherent trade-off between security and performance. The goal now is to rethink what is possible with the internet and work together – researchers, engineers and lawmakers – to make things simpler and more secure at the same time. If we stop theorizing and instead create and put these technologies to work—test them in real-world environments—we can make it happen.
We need to figure out what works and get rid of what doesn’t or we’ll continue to experience security failures—and continue to see trust in the internet plummet. Getting together in Vegas with friends and IT security colleagues may be fun, but that is not all that Black Hat should be about. It should be about using the IT security community’s collective genius to discuss and theorize and innovate and solve the problems that plague the internet so that, ultimately, we can save the internet.