VMware

Takeaway from Black Hat USA 2018

Spread the love

96 billion dollars[1] is what Gartner expects the world to spend on security this year alone. 96 billion dollars.

The number seems staggering until you consider the cost of not protecting your organization’s assets and operations. One report estimated that cost approaching $600 billion in 2017[2].

Today we operate on what has been coined by IDC as the Third Platform[3], which means users have ubiquitous access to data all the time. For example, the average business person carries a device in their pockets at all times that connects to their company’s network and also the entire internet. The power of carrying the Internet in our pocket has transformed the way we interact with data and the services provided by that data. This model of access brings agility and incredible power to business decisions, but it also results in data living in various locations inside and outside the organization.

Cybercriminals are becoming savvier too. They are more aware than most that an organization might not know precisely where all their data lives or how it is protected. The concept of not knowing where your data is stored and how it is safeguarded might seem absurd until you consider how much information is at work today. Wave after wave of data breaches highlights how valuable the information at work is to these criminals and how complicated it is to try to protect it all.

With that as the global stage, it isn’t surprising that Black Hat USA 2018 broke the records with over 19,000 attendees from across the globe. There has never been a time where cybersecurity was so crucial to business or in the general population’s social conscience. Election voting machines, electronic healthcare records, credit monitoring services—the world is online, and consumers are exposed.

This year’s event included a smattering of new technologies that were interesting. (See CRN’s article – 20 Hot Cybersecurity Products Announced at Black Hat 2018[4]) There was much hype around the use of machine learning and artificial intelligence (AI) for cybersecurity and cybercrime. IBM demonstrated the dark side of AI with their DeepLocker[5] malware. These AI-powered malware attacks are very targeted and may be coming our way in the near future.

For most of us, though, the main type of cyberattack is more randomized.

The attacker is typically trying to exploit a vulnerability to see what data they can get to. In this scenario, the criminal is casting a broad net, being more opportunistic. They know that most organizations are failing to truly protect their data, at least somewhere. With perseverance and especially with a generous sprinkling of social engineering, they can usually work their way into an organization. In this case, they aren’t likely to be going after a specific, defined target enterprise but rather exploiting the vulnerabilities they find to cash in on whatever they can get to. The WannaCry ransomware attack is an example of this.

Google’s appeal at Black Hat was for the cybersecurity professionals to work together effectively lowering the bar on cyber ‘street smarts. Its Project Zero and 90-day disclosure period are helping to identify weaknesses, but if anything, companies need to be more vigilant in today’s hyperconnected world.

Google’s Director of Engineering, Parisa Tabriz, made an admirable appeal for “intentional collaboration” amongst cybersecurity professionals.  The unfortunate reality is there just aren’t enough security experts available today. It takes incredible talent, discipline, and a thirst to stay one step ahead of the attackers. By working together, in efforts such as the cross-industry Cyber Threat Alliance, or with Fortinet’s announcement of a direct alliance with IBM, we can all get a little smarter. It is critical for InfoSec professionals to share knowledge, but we can’t ever relax.

While Google’s proposition at Black Hat USA 2018 sounds like nirvana, the showcase my team is most excited by is still ahead. At VMworld 2018, we’ll see VMware AppDefense with NSX. NSX makes microsegmentation possible, which is a little like snapping your fingers and having a virtual firewall appear around your VM, like a personal suit of armor. For those attending VMworld, I strongly recommend visiting the ‘Transforming Security in a Cloud and Mobile World’ session. Here you’ll see the VMware Red Team and the VMware product and engineering team perform real attacks and how to combat them with microsegmentation. Getting firewalls down to this level of individual protection is something we’ve theorized in security for decades, but NSX makes it possible.  For cybersecurity experts, it feels a little like finally spotting Bigfoot or Nessie in the wild.

Can’t wait to VMworld 2018 to learn more about the latest in security? You can always visit our Cybersecurity Webinar library to learn more. Until next time – stay safe, stay encrypted, and stay aware. ▪

# # #

References

  1. ^ https://www.gartner.com/newsroom/id/3836563
  2. ^ https://csis-prod.s3.amazonaws.com/s3fs-public/publication/economic-impact-cybercrime.pdf?kab1HywrewRzH17N9wuE24soo1IdhuHdutm_source=Pressutm_campaign=bb9303ae70-EMAIL_CAMPAIGN_2018_02_21utm_medium=emailutm_term=0_7623d157be-bb9303ae70-194093869
  3. ^ https://en.wikipedia.org/wiki/Third_platform
  4. ^ https://www.crn.com/slide-shows/security/300107716/20-hot-cybersecurity-products-announced-at-black-hat-2018.htm?itc=refresh
  5. ^ https://researcher.watson.ibm.com/researcher/view_person_pubs.php?person=us-mpstoeck&t=1