It’s that time of year again – the only place I’ll go in the middle of summer is Las Vegas: Black Hat. As the show wrapped up, several key themes emerged that will shape the future of cybersecurity. From the critical role of identity and access management to the cutting-edge use of AI to the ongoing challenges of cloud security, these trends offer a guide for security leaders looking to strengthen their defenses. Here are five trends to keep an eye on as we all return to our organizations:
- The industry takes the issue of identity seriously.
For years, analysts and consultants have predicted large-scale transformation efforts around identity and access management (IAM). This year, that sentiment has finally resonated with practitioners. The focus of many organizations has traditionally been on the fundamentals and organizational priorities. However, more and more security leaders are preparing to adapt the IAM discipline to the demands of the cloud era. This shift is largely due to the frequency of compromised credentials and identity-related attacks, which have become the biggest threat vectors.
(For current Black Hat USA coverage from SC Media, Security Weekly and CyberRisk TV, visit our Spotlight Black Hat USA 2024 Coverage Page.)
The importance of IAM was underscored in numerous sessions and discussions at Black Hat. Security leaders recognize that robust IAM practices are essential to protecting sensitive data and ensuring only authorized users have access to critical systems. This year marks a turning point where IAM has become a major focus for many organizations.
- Security as a shared responsibility.
One of the most striking trends at this year’s show was the diversity of attendees. It wasn’t just security professionals who were represented; executives from engineering, IT, infrastructure and technology were also present in full force. This reinforces the trend that enterprise security has become a shared responsibility across the entire organization. The proliferation of cross-functional initiatives to reduce risk while improving operational efficiency was clearly evident throughout the conference.
Security leaders are increasingly aware that effective cybersecurity requires cross-departmental collaboration. By fostering a culture of shared responsibility, organizations can ensure that security measures are integrated into every aspect of their operations. This holistic approach increases security and also improves the overall resilience of the organization.
AI has been a hot topic in the cybersecurity community over the past year, and while it remains a major focus, the discussion has evolved. The initial excitement about new disruptive technologies has given way to a deeper understanding of how security teams can integrate Gen AI and LLMs into existing disciplines and tools. The era of AI for AI’s sake has moved on to practical applications that improve security operations.
At Black Hat, there was a clear trend toward exploring how teams can use AI to better detect threats, automate responses, and improve overall security posture. Security leaders now view AI not just as a futuristic concept, but as a practical tool that they can integrate into their existing frameworks to gain real benefits.
- Cloud security is coming into focus.
While large-scale cloud migration projects launched during the pandemic are nearing maturity, securing and understanding the cloud at all levels of an organization remains a critical priority. The influence of cloud security pioneers like Wiz was evident at Black Hat, with numerous sessions and new offerings focused on cloud security best practices.
I cannot stress enough the importance of cloud security. As more and more organizations rely on cloud services, the need for robust security measures such as zero trust and least privilege principles has become critical. Security leaders are making cloud security a top priority to protect their digital assets and ensure business continuity. The conference highlighted that while significant progress has been made, there is still a lot of work to do to fully secure cloud environments.
- A focus on organizational resilience and data security.
Organizational resilience is a top concern for many organizations right now, especially those currently dealing with the aftermath of the CrowdStrike IT outage. Security leaders are evaluating whether their existing platforms provide the resilience and adaptability needed to withstand future threats.
Data protection has also become a key focus, especially given the increasing use of external data stores such as Snowflake and MongoDB. These platforms play a critical role in AI adoption and house increasingly sensitive data. It is imperative for teams to keep pace with evolving customer and regulatory compliance requirements, which requires dynamic and flexible approaches to access control.
Key takeaways from this year’s Black Hat conference shed light on the evolving cybersecurity landscape. From the critical importance of IAM to the normalization of AI to the ongoing challenges of cloud security, these insights provide valuable guidance for security leaders. By embracing these trends and fostering a culture of shared responsibility, organizations can improve their security posture and better protect themselves against new threats. As the threat landscape continues to evolve, staying ahead of these trends remains essential to maintaining robust cybersecurity defenses.
Rom Carmel, Co-founder and CEO, Apono
(For current Black Hat USA coverage from SC Media, Security Weekly and CyberRisk TV, visit our Spotlight Black Hat USA 2024 Coverage Page.)