Experts presented, vendors exhibited, and decision-makers gathered. The 22nd Black Hat conference drew over 20,000 people in the Information Security industry to Las Vegas in early August. People in the InfoSec industry worldwide view this conference as the one to attend for skill-building, hearing the latest research, learning about evolutions in security, and seeing the latest products and solutions.
Because the value is high, attendance at Black Hat is coveted. Each year Sirius selects members of our Security team to attend. What they learn can help guide our efforts into the next year as we utilize the latest trends and topics to help our clients advance their security stance.
Three recurring topics resonated with our team this year: visibility, resilience and automation. All require organizations to take a proactive stance on their cybersecurity strategy.
Start with visibility
Whether users, devices or datasets, awareness is vital to controlling and protecting your most important assets. Networks aren’t linear, and it often takes integration of several technologies and processes to get the clear line of sight necessary to form the complete picture.
Attacks are happening continuously, from manipulation of new infrastructure and application vulnerabilities to threat actors using new approaches to take advantage of human factors. How often are attacks succeeding in your organization? How long does it take for you to discover them?
New technologies can actually make seeing your full network harder at a time when network visibility is more important than ever. Gaining visibility should be in your action plan now. Everything uses the network, and unless you can see it, you can’t control it or protect it.
Build resilience into your systems
Attacks are happening at firms of all sizes, including yours. The ability to quickly recover is crucial. Start with the basics of routine maintenance, and then move from there to modernize and update your infrastructure and processes.
How is cybersecurity different from resiliency? Cybersecurity focuses on defense of IT infrastructure, defining and maintaining user access roles, and identifying and isolating threat areas—all with an eye to protecting systems, networks and data. The foremost goal of cyber resiliency is business continuity. The principles of resiliency take into account risks from across the enterprise, including human factors.
Maintaining your organization’s ability to deliver intended outcomes is a shared goal for all areas of the business. This can be a great topic for starting security conversations with your leadership team and gaining support for the processes and tools necessary for resilience in your IT environment.
Use automation to close the gaps
Automation marries visibility with resiliency. The force multiplier that automation solutions provide can help IT teams overcome skills gaps, budget shortfalls, and limitations on the hours a team can work effectively.
Often referred to as security orchestration, automation and response (SOAR) products, these tools also help reduce the risk of operational errors. Cybersecurity automation products easily handle high levels of complexity and volume, and can execute necessary mitigations immediately.
These concepts had traction at Black Hat, from session presentations to solutions offered in the Business Hall. Incorporating them into your security environment is a good plan for 2020 and beyond.
For a look at all of our takeaways from this year’s Black Hat conference, read our full recap.