Cybersecurity News that Matters

Cybersecurity News that Matters

[Weekend Briefing] Coolest vendors at Black Hat USA 2023

by Dain Oh

Aug. 18, 2023
11:18 AM GMT+9

“Weekend Briefing” is a weekly newsletter that is sent to The Readable’s subscribers every Friday. Journalists for The Readable select important news stories from the previous week. Topics encompass privacy, cybercrime, and policy development in cybersecurity. There are no costs involved with a subscription, and some content, such as industrial reports, is only available to those who subscribe to our newsletters.


Hello! This is Dain Oh reporting from South Korea. The summer madness in Las Vegas came to an end over the last weekend, but the journalists’ job was never over. Our team has picked the five coolest vendors at Black Hat USA 2023 out of dozens of security firms that we directly communicated with. In addition, we have put together some of the most important statements made by speakers at the event. For those of you who haven’t had a chance to read our original news articles reported from Vegas and Anaheim, I have included eight stories in this briefing. Have a wonderful weekend!

1. The five coolest vendors at Black Hat USA 2023: Oligo, Veriti, Mobb, SafeBreach, CyberGRX

Designed by Areum Hwang, The Readable

Black Hat USA 2023 was pure bliss for those of us who are passionate about cutting-edge security innovation. Before the event, The Readable reached out to more than 70 vendors through hundreds of emails and selected around 20 for in-person meetings. In this article, we’re excited to spotlight the five coolest vendors that we met in Las Vegas last week. Our selections are based solely on their innovative contributions and are not influenced by any sponsorships. This article may serve as a roadmap for our readers to discover the latest trends in the cybersecurity industry. READ MORE

2. Quotes from Black Hat USA 2023: Jeff Moss and more

Jeff Moss, the founder of the Black Hat conference, is speaking at the beginning of the keynote speech at the Black Hat conference on August 10 to introduce Kemba Walden. Photo by Kuksung Nam, The Readable

Jeff Moss (Founder of the Black Hat and DEF CON)

“AI problems are going to become global problems. This is because the manufacturers and implementers of AI systems and learning models are going to be global companies. If a problem is discovered, you’re going to probably have to reach across one of the oceans and try to figure out what’s going on. And that requires an international mindset.” READ MORE

3. Psychological safety leads to trust by design, GitHub security strategist says

John Swanson, the Security Strategy Director at GitHub, is sharing his experience about the 2FA enrollment campaign that he led across the GitHub community. Photo by Dain Oh, The Readable

Las Vegas, NV ― Black Hat ― According to insights from a security strategist at GitHub on Thursday, the success of a company’s endeavor to implement two-factor authentication (2FA) for its employees hinges on the concept of psychological safety.

During a briefing session held at Black Hat, John Swanson, the Security Strategy Director at GitHub, delved into the remarkable journey of the world’s largest open-source community, where millions of developers were guided toward adopting two-factor authentication. GitHub’s initiative was driven by the goal of enhancing global safety by safeguarding developers and fortifying the software supply chain right from its inception at the hands of developers. READ MORE

4. Disclosing security flaws could damage white hat hackers’ creativity, researcher urges

Ali Ahmed, an assistant professor in the Department of Information Systems at the College of Business, University of Wisconsin-Eau Claire, is presenting his ongoing research at the Black Hat conference on Thursday. Photo by Kuksung Nam, The Readable

Las Vegas, NV ― Black Hat ― A security academic raised an important concern on Thursday, highlighting that an organization’s choice to publicly disclose resolved vulnerabilities might inadvertently hinder ethical hackers’ capacity to uncover previously unknown security weaknesses.

At the Black Hat conference, Ali Ahmed, an assistant professor in the Department of Information Systems at the College of Business, University of Wisconsin-Eau Claire, unveiled his ongoing research. This study delves into the intricate connection between bug bounty programs and the behaviors exhibited by white hat hackers participating in these initiatives. READ MORE

5. Only 22% of organizations run matured threat intelligence, malware detection leader reveals

Jan Miller, CTO of Threat Analysis at OPSWAT

Las Vegas, NV ― Black Hat ― A prominent malware detection company revealed on Wednesday that the threat intelligence industry is still in its initial phase, underscoring the need for at least 62% of global organizations to channel investments into essential tools and processes.

As outlined in OPSWAT’s report titled “2023 Threat Intelligence Trends,” a mere 22% of organizations have managed to establish fully developed threat intelligence programs. This glaring statistic underscores the discrepancy between implementation and the pressing demands of the landscape. The survey outcomes reveal a striking 68% of entities grappling with the challenges of identifying both familiar and unfamiliar malware strains. READ MORE

6. Viasat, NSA urge building partnership, sharing their experience amid satellite hack

Mark Colaluca, Vice President and Chief Information Security Officer at Viasat, left, is sharing the company’s experience in February 2022 along with Kristina Walter, who was the former director of the National Security Agency’s Cybersecurity Collaboration Center (CCC) during the KA-SAT hacking. The satellite sabotage resulted in power outages for thousands of Ukrainians. Photo by Dain Oh, The Readable

Las Vegas, NV ― Black Hat ― Forging a partnership between commercial and government entities proves to be pivotal in establishing an effective incident response process, as emphasized by the key players who collaborated to mitigate the unprecedented satellite sabotage that targeted Ukraine in 2022.

During the 26th Black Hat USA event on Thursday, Mark Colaluca, Vice President and Chief Information Security Officer at Viasat, shed light on a common oversight. “For many organizations, incident response is the most neglected muscle group,” Colaluca stated. He also offered insights into the cyberattacks against KA-SAT and expanded on the intricate dynamics at play, explaining, “Most of what we experienced was a complicated ecosystem which involved distributors, salespeople, and satellite people on servers, with many of these people being in different countries and facing a language barrier, making for a chaotic scene in the beginning.” READ MORE

7. US national cyber director stresses the importance of human element in security

The acting director of the Office of the National Cyber Director, Kemba Walden, on the right, is delivering a keynote speech in front of international security professionals at the Black Hat USA on Thursday. Photo by Kuksung Nam, The Readable

Las Vegas, NV ― Black Hat ― On Thursday, the White House’s acting national cyber director emphasized a crucial point: humans play a vital role in the realm of cyberspace. She also noted the significance of having a robust cyber workforce, adding that the absence of such a workforce poses a significant challenge to the nation’s security.

Kemba Walden, who has been serving as the acting director of the Office of the National Cyber Director since February, recently took the stage as a keynote speaker at the Black Hat USA event. In her address, she spoke to an audience of international security professionals about the groundbreaking National Cyber Workforce and Education Strategy (NCWES) released on July 31. This strategy marks a significant milestone as the first of its kind in this domain. READ MORE

8. [Opinion] Why security awareness training is mostly pointless

9. [USENIX] When love turns into a monster: researchers shed light on IoT-enabled abuse by the intimate

10. [USENIX] Implement AI assistants as a first defense against robocalls, researcher suggests


Upcoming events…

W.Media: Korea Cloud & Datacenter Convention 2023 (31 August, South Korea)

Click on image to visit the website.

The Readable is a strategic partner with W.Media regarding this event. As part of the partnership, The Readable provides its readers with complimentary tickets. Send us an email to receive promotional codes.

Subscription

Subscribe to our newsletter for the latest insights and trends. Tailor your subscription to fit your interests:

By subscribing, you agree to our Privacy Policy. We respect your privacy and are committed to protecting your personal data. Your email address will only be used to send you the information you have requested, and you can unsubscribe at any time through the link provided in our emails.

  • Dain Oh
    : Author

    Dain Oh is a distinguished journalist based in South Korea, recognized for her exceptional contributions to the field. As the founder and editor-in-chief of The Readable, she has demonstrated her expe...

    View all posts
Designer:
Stay Ahead with The Readable's Cybersecurity Insights