My First Black Hat Experience: Highlights, Key Takeaways, and Cybersecurity Trends

Last week, over 20,000 cybersecurity professionals gathered for the 27th annual Black Hat event in Las Vegas. For me, it was a deep dive into both the innovative and challenging aspects of the cybersecurity world. With 3,700 vendors and more than 2 million professionals in the IT security industry, attending Black Hat meant joining the top 1% of the field. I was proud to be among those 1% and share in the excitement of this landmark event.

Key Trends Observed at Black Hat:

• AI Everywhere: Artificial Intelligence continues to revolutionize the field.

• Cybersecurity as a Collaborative Effort: No longer an isolated domain, cybersecurity now requires a strong ecosystem.

• Innovation at the Core: Cyber professionals are at the forefront of innovation.

• Fun and Creativity: Cybersecurity folks are not just skilled but also fun, down-to-earth, and creative.

Recap of Key Moments:

1. Keynote Highlights:

Securing Democracy: The first day's keynote focused on this critical issue. Jeff Moss, founder of Black Hat and DEF CON, delivered an insightful address titled “Democracy’s Biggest Year: The Fight for Secure Elections Around the World.” The panel, featuring Jen Easterly (CISA), Hans de Vries (ENISA), Felicity Oswald (NCSC), and Christina A. Cassidy (The Associated Press), explored the significant efforts required to secure elections amidst a year of heightened democratic activity and emerging technological challenges.

Privacy vs. Security was highlighted on day two. Moxie Marlinspike, co-founder of Signal, and Jeff Moss addressed the balance between privacy and security. Moxie’s creative “Harry Potter” analogy underscored how effective learning environments foster innovation, mirroring the essence of the Black Hat event where curious minds converge.

2. Collaborating with Splunk:

I had the pleasure of collaborating with and exploring their latest advancements.

Key takeaways included:

Unified Threat Detection and Response: Splunk is transforming SOC operations with its unified approach, offering unparalleled speed, scale, and flexibility.

Advanced Security Outcomes: Splunk aims to deliver 100% visibility, 10x faster incident detection and investigation, and over 95% automation in incident response tasks.

New Announcements:

Cisco Talos Incident Response Services: Now available to Splunk customers, offering both proactive and emergency response capabilities. Read More

Splunk Asset and Risk Intelligence: New features for continuous, proactive risk insights. Read More

SURGe Research on LLM Defense: Insights into defending large language models with Splunk and OWASP. Read More

AI Capabilities Demo: Kyle Prins showcased Splunk’s ability to summarize incidents, recommend detections, and generate security-specific SPL. Watch Here

State of Cybersecurity Report: A must-read for anyone interested in the current cybersecurity landscape. Read More

3. Reconnecting with Commvault

It was great to reconnect with Commvault, a former client from my time at Adobe. Kevin Komiega and David Cunningham shared updates on Commvault’s impressive evolution, including their recent recognition as a Leader by Gartner for the 13th consecutive time in Enterprise Backup and Recovery Software Solutions. Their "3R" cyber resilience framework—Risk, Readiness, and Recovery—aligns with the NIST framework and highlights their solutions' role in end-to-end cyber resilience. Commvault’s expanding partnerships, including with Acante, Dasera, Google Cloud, Splunk, and Wiz, and their strategic partnership with Splunk were noteworthy. Watch Video.

4. Getting Security Yearbook

I had the pleasure of meeting Richard Stiennon and receiving a signed copy of his "Security Yearbook 2024." Richard’s yearbook is a valuable resource, and I’m already halfway through the book.

5. First Tattoo Experience

I got my first tattoo at the Splunk booth, choosing a design featuring Splunk and four Aces. Tattoos and cybersecurity might seem unrelated, but it’s a fun tradition. Thanks to Katie Kirby for the fantastic artwork.

6. Claw Machine and Punching Competition

I tried the claw machine game at the Cisco booth and won a T-shirt, only to lose at the punching game. It reminded me that while luck can play a role, preparation, practice, and patience are far more important—especially in cybersecurity.

7. Splunk’s Shirt Happens Booth

My favorite booth was Splunk’s "Shirt Happens," where I found humorous and reflective T-shirts about the cyber world. Notable mentions include “Me, my friends and AI” and “Taking the sh out of IT.” I also loved Commvault’s T-shirt: “Everyone has a plan until they get punched in the mouth,” a vivid reflection of the cyber landscape. Thank you Erin Stachowicz for hosting me.

8. Networking Highlights

Networking was a major highlight. I spent some time catching up with those I worked with at Microsoft and IBM, connected with CISOs for potential collaborations, reconnected with long-time digital pal Bob Carver and met Lalit Choda from the Non-Human Identity Management Group. Special thanks to Kelli Reese Welgos at Splunk for making my first Black Hat experience exceptional.

As I reflect on Black Hat, I’m amazed by the rapid technological advancements and the ongoing cybersecurity challenges. The potential of technology is immense, but so are the threats it presents. Staying ahead requires continuous adaptation and learning.

Thanks for joining me on this journey through Black Hat. The future of tech security is unfolding, and it’s an exciting time to be part of this evolving field.