Black Hat, the ‘security summer camp’ for the tech industry, is holding its first-ever online conference — highlighting just how much cybersecurity has changed in the pandemic

  • The Black Hat cybersecurity conference, sometimes called “security summer camp,” opens Wednesday for its first remote gathering.
  • The cybersecurity industry last came together for February’s RSA Conference – the last major tech conference before COVID-19 caused many cancellations.
  • Cybersecurity thought leaders say their industry has changed vastly since last winter, as it raced to product companies that migrated to remote work.
  • If RSA was the last hurrah of an old cybersecurity, this conference may usher in new ways of networking, some believe. 
  • Visit Business Insider’s homepage for more stories.

The Black Hat cybersecurity conference, an industry tradition known by some as “security summer camp,” opens Wednesday, but online only for the first time. As it does each year, Black Hat serves as a milestone when industry friends and colleagues catch up on the latest trends, and what’s changed. 

The answer this year is: Everything.

“How many of you last year thought that this year you would be living your cyberpunk future?” Jeff Moss, CEO of Black Hat, said opening the virtual conference on Wednesday, noting the dystopian effects of the pandemic.

This new cyber conference marks a sea change from February’s RSA trade show, experts say. 

COVID-19 struck in the middle of the RSA Conference, with the host city, San Francisco, declaring a state of emergency while some 34,000 attendees were in town. Some returned home with the virus

RSA was the last major tech conference anywhere before events like South By Southwest, Apple’s WWDC, Salesforce’s Dreamforce and many others announced that they would be going virtual this year. Prominent figures in cybersecurity say it was the last hurrah of the pre-COVID cybersecurity industry – which was booming with innovation, exploration, and a leisurely pace compared to what was about to come. 

The top change in cybersecurity, experts say, has been an immediate acceleration to protect virtual workers and keep pace with companies’ digital transformations. The philosophy of Zero Trust – in which all users must authenticate their identities continually – boomed, with giants like Microsoft making it a cornerstone.

Protection of cloud assets, and a shift to identity security that gave companies more protection of their networks than a remote worker’s password alone. The use of fingerprints, facial ID, and multiple forms of authentication to access corporate systems soared. 

Netskope 6448_Sanjay_Beri_Full_HIRES 8x12 (4)
Netskope CEO and founder Sanjay Beri
Netskope

“RSA was sort of the last big party,” says Sanjay Beri, CEO of the $3 billion cloud security startup Netskope. “It was the last major event when we were all together. I remember walking around shaking hands. Everything has changed. It’s just night and day.”

As traditional workplace security products faded, cloud-based companies like Beri’s have soared. Netskope, Okta, CrowdStrike and Proofpoint formed a coalition in June, to allow companies to more easily combine their compatible cloud-based security products.

“Everyone had to shift to remote work so fast. No one was thinking about a workplace network perimeter. We had to get companies set up for secure remote work. We may have done five years of digital transformation just since RSA,” Beri said. 

A very different Black Hat conference

Sunil Potti, vice president of security at Google Cloud, says the speed of change since RSA makes a remote Black Hat conference a welcome opportunity to come together with colleagues. “Looking back, RSA was the last time the security community was able to come together in a physical location. A lot has changed since then,” he says. This week’s online gathering is “an opportunity for the security community to come together and discuss how to make this new normal a better, safer normal.” 

But the virtual conference won’t be the same for Dan Schiappa, chief product officer with Sophos, who has been going to security conferences since 2002. “The biggest benefit I get out of it is just being around other security professionals,” he says. Schiappa remembers leaving his booth to go to the bathroom one year, when “it took me an hour, because I kept running into people and catching up. Not having that is going to be weird.” 

Schiappa concedes that there is plenty of new research and new topics to discuss. Sophos, McAfee, and VMware all have new research that outlines the developing sophistication of ransomware and other attacks on companies. Keynotes look at election security and disinformation campaigns related to COVID-19. Registration has been robust, organizers say. And for the first time, the Business Hall where companies meet and greet attendees is free. 

Black Hat may never be the same again

Some say conferences will never go back to all in-person – and should not. 

CloudFlare
CloudFlare CEO Matthew Prince
Reuters

“It’s inevitable that we’re going to discover some mechanism that gives you the best of the conferences of the past,” Cloudflare cofounder Matthew Prince said in an April interview with Business Insider. “I don’t know what they will be, but I’m guessing we will try a bunch of things. Some will work, and some won’t. 

Eugene Kaspersky, founder and CEO of the 4,000-employee Moscow company Kaspersky Labs, believes in-person events will return – with the online aspect continuing.

“Many people talk about how, after COVID, nothing will be the same again and we’ll be in a completely different world. I disagree. The world will be exactly the same as before but with one difference – along with our usual activities, we’ll have more online ones.”

View original article here Source