Name: Black Hat Analysis
Uploaded: 2024-08-06T17:00:00.000Z

Clips
News
More from Black Hat USA 2024

Balancing the complexities of modern cybersecurity: theCUBE insights from Black Hat USA

The surge in cybersecurity vendor sprawl has become a major issue in the tech world.As artificial intelligence and data integration advance, the sheer number of security vendors complicates an already challenging landscape. With cyber threats becoming more sophisticated, a strategic and disciplined approach to security management is essential.“One of the things that’s really notable is cybersecurity [mattered] in a lot of different places before,” said Savannah Peterson (pictured, left), event host for theCUBE, SiliconANGLE Media’s livestreaming studio. “We’re not just talking about on-prem or in the cloud; we’re talking about edge

play_circle_outline Cybersecurity at Black Hat conference

play_circle_outline Importance of AI and gen AI in security solutions

play_circle_outline Importance of AI in security solutions

play_circle_outline Gaps in CEO perception of system security vs actual vulnerabilities

Info
Transcript

Black Hat Analysis

The Black Hat cybersecurity conference in Las Vegas highlights the growing importance of security amidst increasing cyber threats. The industry, with numerous vendors and products, is in need of a reset to combat ongoing dangers. AI and data tech have contributed to the rise in cybercrime. Companies should prioritize system protection and utilize innovative solutions from sponsors like Armis and Cribl.

explore Keep Exploring

What is the coverage provided by the CUBE and SiliconANGLE at Black Hat, the biggest cybersecurity conference of the year? add

What role does generative AI play in addressing data problems in the security industry, and which companies have contributed to sponsoring the event being discussed? add

What companies are sponsoring theCUBE and allowing attendees to access their solutions for data and IT security? add

What percentage of CEOs believe their systems are fully protected from cyber threats, and what is the reality of their vulnerability according to Red Seal? add

bolt Powered by CUBE AI

Black Hat Analysis

>> Good morning, nerd fan, and welcome back to fabulous Las Vegas, Nevada. I know it's been a few weeks since we've been here, hope you all have been having a great summer. My name is Savannah Peterson and I am delighted to be joined by John Furrier today here at Black Hat, biggest cybersecurity conference of the year. And there are a lot of stories, cybersecurity has never been a bigger thing.

>> Yeah, I mean it's great. With Black Hat, it's a technical show, it's mostly CTOs, CSOs who come, who are technical. Obviously, the hackers come, the White Hat and Black Hat-

>> DEFCON crew is here.

>> DEFCON crew.

>> I got asked if I was a hacker checking into the hotel. I kind of felt cooler than I normally do.

>> You watch out for your devices, make sure everything is on, totally encrypted. No, but this is really the part of theCUBE and SiliconANGLE's coverage of security. We do RSA, we've done it for four or five years. Amazon Reinforcements is more of an industry show/ cloud, but it's kind of turning into more Amazon. But Black Hat is the technical show, RSA is more the business marketing show and there's a variety of other smaller shows, but we're going to be covering all next year as well, just continuing to cover security, because the intersection of AI and data and large scale cloud is hitting the scene and every single company is realizing a lot of pain right now. Because no matter what people are saying about consolidation, it's still a product vendor sprawl and there's over 3,700 vendors, 8,000 products, and with the recent CrowdStrike, Microsoft debacle, there's so many issues in the platform.

>> I don't know what you're talking about, John.

>> It's a whole nother change over. And I think the next five years and then the next 10 to 20 will be a reset for security. I talked to people inside the industry, it's very clear, Savannah, that the fatigue level of, I won't say technical debt, but sprawl debt, meaning they've gotten so much stuff installed, they don't even know who actually installed it. Patches aren't being updated. There's a huge problem and that's why the disruption from the CrowdStrike thing wasn't really a security breach, it was just more an example of the problem of the talent. They're gone. People move around, who loaded what system? What is software doing? And again, you've got 3,700 vendors and 8,000 products and the threats aren't stopping. So then it's not like they can consolidate overnight, they've got to continue to buy more stuff. So contrary to public opinion, it isn't consolidating, there's more sprawl going on. So the top story here is, platform reset is going to happen and the sprawl will continue and then the threats are just coming on board.

>> I think that's a really interesting part that you bring up, John, with the diversification of solutions essentially across someone's tech stack. And I do think that comes up. We never think about things that are there to protect us until we need them, which is classic. You don't want to think about that stuff, it's expensive and it's scary. And I think as with the rise in AI and gen AI, we've seen it in the data, cybercrime is up just as much as the adoption of that technology. I mean, I'm just looking at this data from Darktrace right now, email alone, 17.8 million phishing emails in the last six months, 62% of them bypassing existing domain barriers. So I mean, that's insane. People are just getting peppered right now. So all the solutions on the floor, all the conversations we're going to be having, it's imperative. And we have more data than ever and it's all super personal and private.

>> I mean, CSOs I talked to, what's coming out of this is that they're recommending, look at risk management as one thing, but you've got to have a disciplined approach to your portfolio and understand the categories you're protecting, at the same time bring order to the chaos that's out there. So there's a lot of that, "I've got to get to the future build, I've got to have a stable environment." It's chaotic, and so how do you manage that? It's actually pretty crazy and I think I've never seen it this dark. And again, little things will start to emerge. Again, you see the disruption of airlines and just hospitals, the sprawl is killer. So that's-

>> And you realize how fragile it is. I mean, how many people? I have friends in the United States Army that were bricked by the CrowdStrike event. Everyone was stuck on their planes, hospitals were shut down. We think that all of this stuff is so resilient as folks living in this world, the reality is there's a couple keys that control a lot of the data and a lot of the access, and when that's compromised, spooky.

>> And the thing about it is, you've got more data coming in, synthetic data is going to be a big part of it. I think one of the things that's a bright spot on the security industry like it's been with other industries, AI is an opportunity. Generative AI could be an opportunity to at scale solve those data problems. And we want to thank Cribl, one of our sponsors, allows us to get here. They have a real great solution for them, they're like that data engine for IT security. We've got Armis, big sponsor here too. Shout out to Armis and Cribl for sponsoring theCUBE and allowing us to come here to check those guys out. Armis just-

>> Armis is smashing. We just saw that news this morning.

>> The news hitting 200 million ARR literally in 18 months. They're on a tear.

>> Doubling their ARR in 18 months.

>> This is the issue. So currently, Savannah, there's no vendor consolidation happening. Contrary to what people are saying, vendors aren't consolidating because there's too much threats to plug when you've got to plug those holes and those bad guys.

>> It's interesting though. That's a good call out, because you would see it in other technical spaces, I think, more frequently.

>> Well, what's going to happen with Generative AI, the opportunity I see and what we're talking to folks about and they're thinking about is, "Okay, how do I end-to-end workflows? How do I vertically integrate the stack, leverage all the vendors that are out there and integrate them in and use gen AI to create a glue layer around either data or interaction?" So I think you're going to start to see a real focus on, okay, maybe we're not going to consolidate down to a handful of vendors. Maybe one platform won't rule the world on security, I've got to deal with multiple vendors, but how do you connect them all? And I think the smart CSOs I talked to are looking at end-end workloads, putting gen AI in there and using gen AI and designing it. Not coding it, not like as a software developer, but really systems engineering around laying out the system for, how do I put this new foundation in? Because whoever doesn't have that new foundation like we're seeing in cloud and other enterprises, it's not going to really work out. So I think that's going to be a hallway conversation. We're hearing a little bit of it now.

>> Yeah, I think you're absolutely right. And I also think one of the things that's really notable is cybersecurity matters in a lot of different places before. We're not just talking about on-prem or in the cloud, we're talking about Edge. One of the top security concerns according to this data I've got from Darktrace is that Edge infrastructure is a top compromisable zone. Whether that be our cell phones or, I mean these are Edge devices, anything, most of the things that consumers touch are Edge devices. And the reality is there's more data available there and a lot of interesting stuff and it's also easier to hack than ever. As much as we have all these tools, it makes it just as easy for nefarious actors who are doing cybercrime as a service.

>> You hate to say that-

>> It's a crazy industry even to say out loud.

>> You hate to use the word hygiene, but DevOps hygiene, again, updating stuff, auto-updates.

>> Developers and hygiene.

>> If you look at what's working, we mentioned Armis with their results, even though they're a sponsor, they are doing extremely well, mainly because they've got a comprehensive platform with their Centrix AI. And what they're doing is using real-time to get identity of the assets out there. One of the things I heard from insiders here in Vegas, is that one of the problems with all these systems is they don't know who updated it when, so you have a lot of sprawl.

>> It's legacy, because you don't need it until you need it. It's like this kind of backdoor thing until it's an emergency.

>> And then there's a hole there. So again, you've got to rein in the environment. I think these discovery tools, asset discovery kind of comes in the governance area, but it's really not. It's more of prioritization discovery, discovery prioritization, and then remediation. That's the focus. And again, disciplined approach to the portfolio, risk management is involved, but the reset of the foundation is going to be what I think the top conversation is going to be.

>> Absolutely. And I think we're sometimes unaware of what we don't know. I was having an interesting conversation on the plane on the flight in yesterday on the Nerd Bird in from San Francisco with Jane from Red Seal, shout out to my seatmate. And Red Seal, everyone thinks they have everything protected. So 75% of CEOs think they have their entire systems taken care of, and yet when Red Seal takes a look at them just as an example, they find 100% of the time there's some glaring vulnerability. So the reality is we could all be better. There's different doorways in, there's different ways to get in with malware and phishing and I mean a variety of cybercrime. So I think it's really interesting. I think we're in an era, where kind of in the way that we've been talking about how data is so hot and sexy right now, it's having a moment, I kind of feel like cybersecurity is also in that space, where all of a sudden it's more important than ever

>> And the AI is going to be a tailwind. We've got a great lineup coming up. We've got Cribl coming on, it's one of our sponsors. But Bruno Kurtic has got another startup. He's the founder of Sumo Logic, Cube Alumni, going back to 2013, Bedrock Security. We're going to have the CISO for Netscope. We're going to have a keynote from Microsoft talking about threat intelligence and that big North Korean hack that they put just recently that the DOJ ruled against. Zeus is going to come in. We're going to have Ryan Herbert from the NYSC and Ice. Tomorrow we're going to have tons of great Google Cloud CISO, Gigamon, Visa, Darktrace, Sentinel One, Cato Networks, and HPE and so much more. So it's going to be great.

>> Yeah, we really do have an exciting lineup. I'm excited to learn. There's going to be some smart people and some conversations. I'm already learning new terms I didn't know when I sat down this morning, so I'm really thrilled for the show, John. Thanks for having me. And thank all of you for tuning in to our fabulous two days of coverage here in Las Vegas, Nevada at Black Hat. My name is Savannah Peterson, you're watching theCUBE, the leading source for cybersecurity news.