Enter the intriguing world of cybersecurity as Sean Martin and Steve Wylie sit down to discuss Black Hat, its inception, its remarkable journey through the years, and the future of cybersecurity within the context of technology and society. Get ready for a deep conversation packed with insights about the cybersecurity landscape, AI, the nature of cyber warfare, and the future of cybersecurity.
Guest: Steve Wylie, Vice President, Cybersecurity Market at Informa Tech [@InformaTechHQ] and General Manager at Black Hat [@BlackHatEvents]
On LinkedIn | https://www.linkedin.com/in/swylie650/
On Twitter | https://twitter.com/swylie650
____________________________
This Episode’s Sponsors
runZero | https://itspm.ag/runzervvyh
Island.io | https://itspm.ag/island-io-6b5ffd
____________________________
Episode Notes
Black Hat USA 2023 conference's keynote sessions promise engaging and insightful conversations. Steve Wylie, the General Manager, highlighted one of the key discussions that will occur during the event, a fireside chat between Jen Easterly, the director of Cybersecurity and Infrastructure Agency (CISA), and Viktor Zhora, who is responsible for defending Ukraine's digital infrastructure. Easterly, having been appointed in 2021, participated in a Black Hat keynote stage three weeks later, where she effectively discussed her vision for the collaboration of hackers, government, and the private sector. Now, after a couple of years in her role, she's expected to bring in more nuanced perspectives.
The discussion will focus on the pressing issues faced by the cybersecurity world, including the war in Ukraine and the country's efforts to defend its digital infrastructure. This fireside chat is set to foster insightful exchanges from two significant figures, each from different governments, giving attendees a unique view into real-world security operations.
The Thursday morning keynote will feature Kemba Walden, the Acting National Cyber Director for the Executive Office of the President. Her contributions to major cybersecurity initiatives, such as the implementation of Executive Order 14028, make her an exciting addition to the conference. This order, which aimed to improve the nation's cybersecurity, addressed significant issues like public-private cooperation, sharing of intelligence between agencies, and supply chain security.
As the conference unfolds, more technical discussions will also take place. Wylie mentioned the Black Hat briefings which are typically quite technical and provide insights into the current cybersecurity landscape. One notable briefing includes James Kettle's session, "Smashing the State Machine: The True Potential of Web Race Conditions," highlighting an unexpected flaw in web applications. Other sessions cover important topics such as the recent Viacom satellite attack in Ukraine and global DDoS trends, as observed by the FBI.
The Black Hat USA 2023 conference offers a diverse range of topics for attendees, from policy-related big-picture conversations to more technical, detail-oriented discussions, plus hands-on activities taking place in the Arsenal. There's also an entrepreneur track, where innovative solutions are pitched to judges and are on display in the business hall.
Black Hat USA 2023 aims to provide both overarching perspectives and in-depth analyses to ensure a comprehensive understanding of today's cybersecurity challenges.
Stay tuned for all of our Black Hat USA 2023 coverage: https://www.itspmagazine.com/bhusa
____________________________
Resources
Black Hat USA 2023 Trainings: https://blackhat.com/us-23/training/schedule/index.html
Black Hat USA 2023 Briefings: https://blackhat.com/us-23/briefings.html
For more Black Hat USA 2023 Event information, coverage, and podcast and video episodes, visit: https://www.itspmagazine.com/black-hat-usa-2023-cybersecurity-event-coverage-in-las-vegas
Are you interested in telling your story in connection with our Black Hat coverage? Book a briefing here:
👉 https://itspm.ag/bhusa23tsp
Want to connect you brand to our Black Hat coverage and also tell your company story? Explore the sponsorship bundle here:
👉 https://itspm.ag/bhusa23bndl
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-cybersecurity-podcast
Are you interested in sponsoring an ITSPmagazine Channel?
👉 https://www.itspmagazine.com/podcast-series-sponsorships
Please note that this transcript was created using AI technology and may contain inaccuracies or deviations from the original audio file. The transcript is provided for informational purposes only and should not be relied upon as a substitute for the original recording as errors may exist. At this time we provide it “as it is” and we hope it can be useful for our audience.
_________________________________________
Voice Over Actor: [00:00:00] Welcome to the intersection of Technology, Cybersecurity, and Society. Welcome to ITSPmagazine. Knowledge is power. Now more than ever.
Sean Martin: And hello everybody, you're very welcome to our first chats on the road to Las Vegas for our coverage of Black Hat, not coverage of ITSB magazine, coverage of Black Hat USA 2023 and this is always a great time to [00:01:00] kickoff summer, if you will, and do a hacker summer camp event. Uh, I'm flying solo today.
Marco, uh, Marco is not joining me, but he and I will be doing a lot around the black hat trainings and briefings and conversations and everything else going on in Las Vegas. And, and I'm thrilled to have Steve Wiley on Steve. It's good. Good to have you on the show again for our annual tradition.
Steve Wylie: Yeah, it's great to be back as always missing Marco this year, of course, but I'm sure I'll catch up with him in Las Vegas.
Sean Martin: Yep, absolutely. He won't stay away too long. And, um, yeah, for, for those that have followed us, uh, you might know that Black Hat is actually the, the birthplace of ITSP Magazine. Uh, I'd been many, many years, uh, prior, but, uh, eight years ago, Mark and I decided to turn our idea into, uh, into reality and, and, uh, ITSP Magazine was born.
And, uh, [00:02:00] we've loved working with you, Steve, and your team. Over the years to kind of get a, get our finger on the pulse of what's going on in the world of InfoSec and cyber security and everything surrounding it. And, uh, it's always a fun ride and there's always something new, uh, playing, playing, uh, games with us this year.
It's probably AI. We'll, we'll get into that. Um, but before we get into everything that's going on that week in August, uh, a little bit about you, Steve, for those who may not know you yet. Yeah,
Steve Wylie: sure. Thanks, Sean. So, uh, so Steve Wiley. So my, my role here at Informatech is I'm vice president of the cybersecurity market group.
Um, so that includes, of course, the black hat events, which we're here to talk about today. It also includes our market intelligence, uh, group called Omdia, uh, and then dark reading our, our news information, uh, website. Um, but specific to my role as the, General manager of Black Hat. I've been with Black Hat [00:03:00] for I guess it's nine years now.
Uh, and that time has flown by very quickly Uh, and it's been an interesting nine years to say the least most notably the last few years which i'm happy that we're sort of seeing the you know in the rearview mirror now in terms of Uh lockdowns and virtual events and everything we were sort of navigating Uh, it's great to be back with these.
Um In person events at scale. We've got a lot that we've kind of come out of that, you know, that era with that's very positive in terms of, you know, making all of our content accessible on demand, you know, four weeks after the event that just makes the, you know, the experience attending black at that much, that much richer when you don't have to scramble between sessions and pick between sessions.
You've got, it takes a little bit of pressure off. You can, you know, You know, see your sessions that you want to see the week of black hat. And then you've got access to the full library, um, you know, after the event on demand, which is, which has been a nice, um, you know, uh, bonus of, uh, of [00:04:00] lockdown and, and, uh, all things pandemic.
Is
Sean Martin: that the, uh, is that the, the virtual note or tag that I see? Uh, that's the online on demand stuff afterwards. Yeah,
Steve Wylie: yeah, yeah, we're doing it a little bit differently this year. You know, we've continued to sort of evolve our strategy there where we've moved away from doing it as more of a simulcast to because you can't be in two places at once.
So this is really more about, you know, you've got the in person experience in Las Vegas and that you just can't beat that. Um, but you've got the whole library. behind it, which we make available a week after the conference. So it's more of an on demand, um, experience where you can access all the content.
There's still quite a lot of networking opportunities on the platform and a rich amount of content to access. So we're seeing, you know, the sort of the usage patterns of our black had attended shifting where they there's very active on the on the virtual platform as well. Um, you know, last year, Black Hat USA, uh, we had about 17 and a half thousand people in the building with us, but 15, 000 people access [00:05:00] the on demand event, um, portion, which is, you know, really, uh, fantastic to see that they're fully taking advantage of that.
Yeah, it's
Sean Martin: incredible. I think we. We're all all we're all hungry for information, right to do our jobs better to do whether it's research or detection or response or, or strategy and architect, whatever it is that your, your role is we're hungry for information and insights from from those that know, right, then what better place to get that than, than in Las Vegas at Black Hat.
So let's talk a bit about Uh, the, the, the overview of this year, so same format in terms of trainings and briefings, uh, what is it? Four days, two days, and then, then, uh, for those who care as they were up for it, there's the, uh, the DEF CON, uh, activities, um, Talk to me a bit about the [00:06:00] Black Hat program.
What's uh, yeah, what's it look like this year?
Steve Wylie: Sure So it's it's a lot of what people are familiar with in terms of you know The four days of trainings at the front end of a Black Hat two days of briefings I think we've got nearly a hundred Black Hat briefings this year, which is a full lineup And great to see We've got, um, the full lineup of Arsenal, um, uh, programs this year.
So Arsenal, for those that aren't familiar with it, this is really the, you know, the open source tools, um, that come from the community that are, you know, that are showcased that Black Hat demonstrated at Black Hat is always a big, a big draw. So full lineup of Arsenal tools. We've got some new programs, uh, which we always do every year.
Try to try, you know, try to do something new. So I've got a few of those we could talk through as well. We've got a very full keynote lineup. I'd be happy to spend a few minutes on that. Um, so we're, you know, we're four weeks out recording this now, and it's, uh, we're, we're Eager to get to Las [00:07:00] Vegas, get to, uh, see everyone in the flesh, see the community come together, um, and really, you know, get to what we expect to be a fantastic, uh, week in, in the desert and, uh, and hanging out with friends.
Sean Martin: Yeah, eager is the right word. I feel that as well. So, uh, yeah, I'm also excited. I know the keynotes, but I don't want to go there quite yet. Is there a, is there a theme? for this year's event. I don't know if you, if you claim one or if you build an itinerary around it this year, or if one surfaced, uh, talk to me a little bit about what you're kind of feeling in that
Steve Wylie: regard.
So I think Black Hat's a little bit unique, uh, in that The content comes almost 100% from the community, right? So, and I think we've talked about that on this podcast in the past. We do a, a very robust call for submissions. We get, um, many, many people vying for a spot to speak at black [00:08:00] hat. Uh, we've got an incredible review board that.
That's all those submissions. It's a, it's a tireless, uh, effort, um, on their part. Many, many hours logged. Um, so what we tend to do is we don't go into the event with a theme in mind. We like to see what sort of bubbles up, you know, from the community. What are we hearing from the people out there doing original, novel research, um, and what they wanna showcase at Black Hat.
So certainly earlier you touched on a, a key theme, uh, ai. Uh, that's, uh, that's certainly probably the. Topic in tech this year. Uh, and, and with that, I expect that to be a, you know, a very, um, high area of focus, uh, during the, the conference and in the briefings in particular, and the keynote program as well.
Um, I think given that we're, you know, we're two years into, um, the war in Ukraine, I think we've got a few, a few things there that really touch, touch on that directly. So that's great to see it. And really, I think on the war in Ukraine, it's really from a [00:09:00] security operations standpoint, like we're seeing there's, this is a war that's playing out in real time and cyber is a big part of it.
So I think we're, you know, we will be able to share some, um, some key insights and learnings there from people, you know, on the ground. Uh, and so I'm excited about that. So that's a couple of, I would say the bigger themes playing out this year, um, in the conference.
Sean Martin: Yeah. And then, I mean, the, the bigger picture of technology, I mean, it's easy.
For me, and we actually started ITSB Magazine with a focus on cyber security and its connection to society. We quickly realized, well maybe it took us a few years anyway, but we realized that you can't have that conversation without the conversation of technology and its use for good. Or not so good or evil, right?
Depending on how far you take it. And the war is certainly one of those areas where there's a lot of technology being used, not just for cyber warfare, but for warfare, kinetic warfare, even. [00:10:00] And, uh, so a lot of things to touch on there. And now I want to maybe spend one second on the AI. Point. Um, because my sense and may not be directly connected to the event, but maybe some of your thoughts and how you might see it play out in the event.
But my sense is that everything is being touched by AI, at least in conversation, whether it hits the streets and ones and zeros yet or not everywhere. And cyber is another story. But do you feel that a lot of the conversations, even if they're not AI specific, will have AI elements in them? And then I'd love your perspective on this.
Um, I have my own. I can share it as well. But do you think we might lose sight of some of the Basics by focusing on the shiny AI stuff as well. When I get your thoughts on that
Steve Wylie: stuff. [00:11:00] Yeah. Uh, I, I think the black hat community does a great job of distilling through the shiny and get in and, and making sure we focus on the basics.
And that's one of the things I love about this community there. Um, you know, they're very outspoken, I think, and that, but you're, you're raising a good point. Like, you know, AI is the new shiny. We need to focus on sort of, you know. real world implications, real world risk, real world benefits as well, right?
So I tend to look at, you know, with AI and cyber, I tend to look at it in sort of two pronged, um, approach where, in part, AI is being used, uh, in cyber defenses, right? A lot of the tool, you know, makers are using AI, uh, engines to Create better products, right? So that's a whole half, half of AI and meets the cyber.
And then the other half of that as well, you now have, um, potentially a lot of risk being created by, uh, by AI as well. So there's the whole other half of this, which is how are we going to defend against this new, um, uh, [00:12:00] sort of landscape that's going to be enhanced by AI? Um, you know, so it's, I think it's, it's interesting.
And I think, you know, really, um, as always in cyber, you have to sort of, you know, Separate out the what are the true risks and true true benefits from the hyperbole. And again, I think the black community does a great job with that. I look forward to, you know, I always like to come out of the event with one of my sort of key learnings.
I look forward to coming out of the event this year with some for my for myself, some some better understanding, better opinions about AI, you know, and and how it's going to both positively affect other Um, society, but also things that we need to be wary of and, uh, and, and rightful to sound the alarm on
let's,
Sean Martin: uh, let's go to Maria's opening keynote. That's, uh, day one of the briefings Wednesday at 9 a. m. She's talking about [00:13:00] AI and then presumably us, the community being guardians of this AI era. And, um, I don't know, can you, can you give us the, the elevator pitch for that without, uh, yeah. Giving any, anything away,
Yeah.
Steve Wylie: I won't give anything away. Um, but we're, we're really thrilled to have Maria, you know, opening keynote for the event. Um, you know, speaking about trends, we, you know, AI talked about that as a big trend this year, uh, you know, in tech. And we wanted to have a, a, uh, a keynote that really dug into that.
Maria is sort of uniquely qualified there. Um, so a little bit about Maria. So she's obviously the founder of Azaria Labs and probably most known for her work around, you know, IOT research and, uh, and arm research. Um, she's, um, I think what she's gonna bring to the, to the, to the conference and to the keynote stage is really, um, a A talk that digs deeper into what we were just describing there.
What are those key benefits of A. I. But also, um, [00:14:00] since we are blackhead after all, you know, what are the risks of A. I. And how? How is A. I. Going to impact cyber security? So I think for us with the keynote stage, we'd like to generally try to have someone from the community. Who is a thought leader and emerging as a thought leader around a particular topic.
And Maria is certainly that she's well known within the community. She's actually, she's one of our own. She's on the black hat review board, uh, you know, as well. So we're thrilled to see her taking that opportunity to be our opening keynote. Um, speaker this year, um, and, uh, and really set the tone, I think, around AI for the rest of the conference.
Yeah, that's
Sean Martin: phenomenal. And, uh, also Wednesday in the afternoon, I don't know if you, if you, it's called a keynote. Sometimes they're called mock notes, but, uh, January Easterly and Victor Zora are going to do a Firestar chat. I, I like, I like those formats a lot. I mean, two super cool people having a good chat.
Uh, tell, tell us a little bit about that
Steve Wylie: one. [00:15:00] Yeah. So, um, similar to our sort of, you know, desire to have a good, um, community person, uh, thought leader. We also like to have some talks that can really look at, um, uh, the, the, the world from more of a global policy standpoint and sort of what's happening across the real world.
Um, so that, that really is that afternoon keynote fireside chat between Jen Easterly and Victor Zora. So, um, Jen Easterly, so she was appointed, um, to the Her position, director of cyber security and infrastructure agencies, uh, uh, back in 2021. And, uh, so it was July of 2021 and we had her on the Black Hat keynote stage three weeks later.
Um, so it was, uh, and it was a fantastic talk. She did a really good job really digging into her vision around how hackers and government and the private sector can all work together. That was sort of the. The main, um, you know, underpinning of her of her talk. Um, but she was literally three weeks into the new, the new role.
So we were very eager to have her back now that she's a couple of [00:16:00] years in and can, can speak with more experience, you know, in the, in the job. Um, this time it is a different format. We were doing more of a four, a fireside chat format. So, um, and that fireside chat is with Victor Zora, um, Victor. Uh, so he is responsible for defending So Ukraine's digital infrastructure and and even as this war with Russia rages on so it's Really interesting for us, you know that uh that just that Two people from two different, uh, governments, uh, looking at security operations in a real world.
Um, you know, setting the war in Ukraine and how Ukraine has had to defend against attacks on its, uh, digital infrastructure, uh, from one You know, head of Sisa to to the head of cyber infrastructure in Ukraine. I think it's going to make for a really interesting and insightful conversation around what they're seeing, how they're responding and what they're learning from the war in Ukraine.[00:17:00]
Sean Martin: Yeah, it's a sad topic, but necessary topic to discuss. And I think as a As an industry, we often point to healthcare as the, where cyber touches human life, and clearly this is another area where that, that is happening, and, um, Yeah, I'm I'm looking forward to that conversation. I'm sure there'll be many, many takeaways there, uh, for folks to learn.
And, uh, Thursday morning. Uh, yes, Walden. I was a little bit about that.
Steve Wylie: Yeah. So Kemba Walden. So she's acting national cyber director in the office of the national cyber director. Um, so we're very fortunate to have someone from the executive branch this year of the U. S. Government, um, addressing black hat.
I think, um, what I'm excited about, you know, is it. Just. in Canva's tenure, uh, in, in this role. I mean, she's, [00:18:00] there's a lot of really, um, significant things that she's been a part of. So starting with, um, uh, the implementation of the executive order 14028. So that was, uh, uh, improving the nation's cybersecurity, which dug into a lot of really important, um, um, issues.
Uh, so this is back, I think in 2020, One, um, addressing things like public private cooperation. Um, how do we reduce friction within the federal government on sharing of, of, uh, of intelligence between intelligence agencies around around threats, uh, dug into things like supply chain security. So, of course, that was right on the heels of, um, solar winds was the big.
The big topic back then. So I think, um, what I'm looking forward to in the talk from Kemba is hearing from someone that's really directly involved with some of these really important issues at a federal government level within the executive branch of the government. So she'll be our Tuesday or sorry, our Thursday morning keynote, uh, really [00:19:00] setting the tone for that day and kicking us off.
Yeah.
Sean Martin: And I, I mean, I, I I've seen it over the years, the, the number of policy related and big picture conversations like these coming to bear, which is super important. I mean, we These problems are complex. And while we all have our own little enterprise or entity or startup, whatever it is that we're trying to protect ourselves, even, um, we need somebody looking at the big, big picture.
And I think that that big picture helps drive some of the day to day activities for each of us as well. So I'm thrilled to have to see those. Three keynotes come together at that level. Um, but I know a lot of people want to get into the nitty gritty. You mentioned that's, that's one of my favorite, the open source tools and seeing all smart people sharing their, sharing their, uh, skills and technologies with others to, uh, to help improve things where, where else can, [00:20:00] uh, maybe.
One of the more technical folks. Yeah. Not that they shouldn't care about the policy stuff, but they want to get into the ones and zeros.
Steve Wylie: Yes, the ones and zeros are always a big, a big deal at Black Hat. And that's, you know, most notably is the, the Black Hat briefings, right? Which are generally quite, uh, quite technical.
Um, and so we've got a fantastic lineup this year, and I would say, uh, I reached out to our content team. So, uh, Jennifer Hughes and Steve Oldenburg, who, who they're the team within the black hat team that liaise with the black hat board and really. shaping the content. So I reached out to them just to kind of take their pulse on what was, you know, what was the review board sort of, um, you know, excited about in the process?
You know, like I mentioned earlier, it's a really long process. There's a lot of really long phone calls. So, you know, what were their takeaways there on, um, things they're excited about and, and, and why, right? So I've got a kind of a short list, uh, of talks that are kind of, you know, on their radar and therefore they're on my radar and I'll definitely be [00:21:00] checking them out.
Um, so the first one, um, James Kettle. So he's, uh, he's a, uh, um, repeat speaker. He's always a very high scoring, uh, uh, speaker at Black Hat has spoken with us many, many times. So he's doing a session on called smashing the state machine, the true potential of web race. Uh, conditions. So, um, this is really looking at, you know, web applications and race conditions.
Um, uh, and a flaw, you know, as a, you know, web race conditions, a flaw that produces, uh, unexpected results around web applications. So he's got some original research that he'll be disclosing at Black Hat. I think he's got an arsenal tool as well that he's going to be bringing, um, that really looks at that.
And I think the review board was excited about this one just because of the, you know, The, the wide reaching, far reaching implications of something like this. Um, there's so many, uh, web applications out there. Yes. A lot of web apps out there. So I think [00:22:00] this one is, uh, it's scored really highly in the, in the review process and also just knowing the researcher himself, he'll do a great job with it.
So I think that's going to be one to catch for sure. Um, there was another session. Um, so this actually dovetails in nicely with what we were talking about earlier with the war in Ukraine. Um, this this session is lessons learned from K. A. Sat cyber attack response mitigation and information sharing. So this is, um, the very high scoring session submission within the review board.
Um, this is a This KASAT is it's a Viacom satellite, which serves much of Europe, including Ukraine. Um, and this was described as this submission was described as the review board from the review board as, uh, as groundbreaking in that it's really one of the most important hacks over the last couple of years.
So that caught my attention. Um, and what we're talking about is a real world satellite attack, successful satellite attack with, you know, wide Reaching consequences within Ukraine, [00:23:00] uh, who is of course as we talked about engaged in active warfare Uh, and and is very much dependent on this communications infrastructure And I think sean you were touching on this earlier like the you know, human life, right?
We're talking about here So the implications are really profound and serious Um, so I think um that really got the attention of a lot of folks within the board as well. So this is really This session, I think is going to be good because it highlights how Viacom collaborated on incident response with several government agencies, uh, and the intelligence community and law enforcement enforcement agencies.
Um, and we're going to have both, um, Viacom as well as, you know, the vendor, as well as the, um, NSA will be on the stage doing this as a joint presentation. So I think this is really, really insightful stuff, uh, on a, you know, very serious, serious and important topic.
Sean Martin: Yeah. Space is, uh, well, the new frontier, right?
Certainly for this as well. We know, we know the aerospace, uh, [00:24:00] villages really, uh, beefing up their, their research. And I hack us out. I just, uh, had a chat with those guys a few weeks back and there's a lot of stuff up there that a lot of people probably don't realize that controls our stuff down here or helps us live down here anyway.
So, oh, that's going to be a good one. Excited
Steve Wylie: for that. There's another one uh, that made the list for me anyways, was uh, dismantling DDoS, lessons and scaling. So, um, this is one, uh, that the FBI are participating in, which is sort of, uh, uh, which is great, like we have the FBI doing a session at Black Hat this year, um, and it's really, you know, their look at, at, Global, uh, DDoS trends, right?
So it's, you know, how many attacks, what type of attacks against what types of targets. So they're overlaying all of that data across, um, time, um, economics, geopolitical events. So I think that's going to be a really insightful session. And you know, DDoS [00:25:00] remains a very, a very important. Big problem, obviously for everyone.
So I'm having a group like the FBI. They're presenting on kind of what they're seeing their viewpoint Uh, and what the future might hold there. I think it's going to be really really good, and then there's one session that I included just because it kind of fits in with the I will say the fun category as well as maybe a public service announcement category Uh, so this is a session called oven repair the the hardware hacking way.
So this is um Uh, a researcher Colin O'Flynn demonstrating a low level of hardware hack into a Samsung oven. Um, so, uh, thus, um, uh, saving the oven from becoming e waste, right, because he was having problems with it and, uh, and, and ultimately, um, saving his, uh, Thanksgiving turkey. So, uh, those sorts of talks are always, uh, are always kind of fun to have something to keep us focused on, you know, the The bigger prize, the turkey on Thanksgiving Day.
That's right. The
Sean Martin: food, anything dealing [00:26:00] with food. I'm on there. Yes. Well, let me see. I love that. Uh, that, that list of a few, few really cool ones there. Let's see if I can spot. Any of the new stuff? Um, I thought maybe I did. Was it uh, only one stood out to me though. Okay. Maybe, maybe something, maybe they came back.
Oh, two things. Micros Summits. Is that one of 'em?
Steve Wylie: Micros Summits? Yes. Day zero.
Sean Martin: Day zero, I recall, but I don't know if it was their and they came back. I dunno.
Steve Wylie: Day zero is, has been been around. So talk to me about my. Okay. Yeah. So, so let's talk about some of the new stuff because there's a lot of it this year.
So day zero is, is, is not new. We've been doing it for a few years. So this is for people not familiar with it. This is, this happens on the day before the briefings day zero. And it really is sort of an introductory session into black hat. So we do, what's new about it this year is we, we, we change up the content each year.
So, yeah. This year, [00:27:00] you know, we, we've got some folks from the Blackhat review board. They're really helping, um, especially newbies to, to Blackhat, uh, understand how to navigate the event, what talks are they especially focused on? What, how do you make the most out of their time at the event? It's, you know, Blackhat's such a strong community event and people get so much out of being there that week.
Um, so what better, um, you know, People to guide that effort than the blackout board themselves, many of whom have been involved with blackout since day one, right? So it's a really good, um, way to just kind of get immersed into the whole blackout experience. We've got a couple of new programs. Micro summits are not new.
We've actually had these. We had introduced these before the pandemic. Um, we did one on cyber insurance. We're bringing that back, um, this year. So I think that the new on micro summits is that they're back in full force in person. We've got the cyber insurance micro summit that's being led by Jeremiah Grossman, you know, black hat review board member, [00:28:00] someone quite well known in the community as well.
Um, so that one is, uh, you know, an important adjacent topic, you know, micro cyber insurance isn't something we talked about in depth within the briefings, but it's a whole lot. Thank you. You know, new, big, important area for people defending their enterprise. They understand their, their cyber insurance, uh, policies and practices as well.
So, uh, Jeremiah does a good job with that one. And then a new one that we're doing this year, uh, is, um, is called, uh, entrepreneurship. So this is really, um, with this one, it's, you know, how do we, uh, help that next generation of cyber researcher who might be thinking of a new, uh, you know, business idea? Um, and, and how do we, and how they get off the ground, right?
So we've, we've seen so many examples, uh, Founders of companies at Black Hat who started off as a Black Hat attendee. And, you know, they were, uh, maybe doing some research or, or, or just there, uh, generally [00:29:00] attending the conference or, or what have you that have then gone on to establish, um, known companies and grow those companies.
So we, as Black Hat, we, we recognize our role within the, within the community. We want to be,
uh, You know, bring those opportunities to bear for people who might be starting off on that process. Um, so they, the new entrepreneur micro summit is going to be led by Justine bone and Caleb Sima. Um, we're really looking forward to that. We actually had, um, two of our winners for our spotlight competition this year are going to be presenting within the entrepreneur micro summit.
So really good sort of full circle there where we introduced this, um, The spotlight competition at Black Hat, uh, which is basically we put out a call for entries for anyone that's very early on in their, uh, in their company or product rollout, um, to submit, [00:30:00] you know, to us why, you know, why this was, uh, an interesting, uh, innovative, um, thing.
And, uh, we've. Kind of winnowed that list down to a final four, uh, companies, presenters that will be taking the stage of Blackhat to present their their business. Um, and a final winner will be announced at Blackhat in the spotlight competition. But to have two of those people, entrepreneurs themselves who have taken something from idea to business To winning the spotlight competition, final round, um, at black cat, you know, this is really great to have them on the stage talking to, um, you know, budding entrepreneurs, people who might be thinking about taking a similar path.
Um, so the spotlight competition, not new, uh, per se, but it's, it's something we launched last year, but we've sort of built on that. It was really successful last year. We got the attention of the community out there of people who are starting new, uh, businesses. So the, you know, The, uh, [00:31:00] the plan is this is something we want to continue to grow and really make this, uh, this competition a main event at Blackhead each year.
Sean Martin: I love it. That's, uh, well, Wednesday, I presume is, is the collection of presentations, right? And then at the end of the day is the, is the announcement. And then you have all day, all day Thursday to, uh, hang out with the. The finalists.
Steve Wylie: That's right. All four finalists will be there in our, in our, on, on the show floor.
That was part of the, um, the prize for, for getting to that final round is they got a spot, which is also really cool that we can, you know, as black hat help these companies along to get established by giving them some visibility. They've got, you know, they've done a lot of work of coming up with something really innovative and unique and, and they've won.
And we want to showcase that to the community and get them some, um, Thank you. Some attention. So, um, I think this is a really nice, uh, way for, you know, for blackhead to give back. Um, we've also got, you know, in, in the new category, we've got [00:32:00] a, uh, a new, um, session we're calling diversity micro talks. So this is part of our community track, right?
So we've got a very robust community track at black hat that covers a lot of really important, uh, Topics, uh, just, just around, um, you know, social topics, um, sustainability topics, uh, you name it, um, there's, it's, it's a program that we've been building on for probably seven or eight years now and trying to really, uh, make that an important part of the Black Hat event experience.
So, um, this, uh, this year we've introduced these, these, uh, Micro talks and we've got three very practical sessions offering, uh, unique perspectives on creating positive change within one's company Um, so it's uh, there's one talk. Uh, andy ellis is leading focused on inclusion within the workplace we've got a a talk being led by megan jacquot and and Uh, ask the cell me that's going to focus on data centric approach [00:33:00] to breaking barriers within the, uh, within the organization.
We've got a session from Olivia Rose on microaggressions and turnover. So, you know, really looking at, these are very practically oriented sessions, like, you know, these social topics that have a, an impact on your, your, your enterprise, on your business and your workforce and how we can be better aware of those to create better environments for our, for our teams.
Sean Martin: Some names I recognize as well. So I'm sure, uh, going to be some great sessions there. So clearly I'm not a researcher because I didn't dig deeper far wide enough to find those new things. But I'm excited. He continued to innovate and expand and grow the content and bring new, new things to light. Um, you touched on the, the four winners get a spot on the show floor.
So let's talk about show floor for a moment. The [00:34:00] business hall is, I mean, at Black Hat, it's, it's a chance to actually talk about how, how attacks maneuver, right? How, how, how a business is impacted. By the, these attacks and, and how teams can use tools to help, uh, mitigate the risk or the threat and, and, uh, and respond to the attacks.
Um, it's, it's a place to have those technical conversations with the companies that, that know what's going on. . So talk to us a bit about the business hall. Um, I don't know if there are any highlights, uh, you wanna share from there? Yeah, any snippets.
Steve Wylie: So, uh, the business hall is, uh, is continuing to expand.
Um, I think we'll, we'll welcome well over 400 exhibitors this year to the event. Um, so we're thrilled with that. And I think, you know, what we try to really, um, encourage and I think what makes black hat unique and even though that is a big Business hall. And there's [00:35:00] a whole sort of, you know, vendor side to the to the event.
We really encourage. And we what we see is that those sponsors do a good job of providing still good technical resources and representation within their booths. Um, even if they're doing a sponsored session, there's some great sponsored sessions where there's some real. Very solid subject matter experts often the subject matter expert that's doing a sponsored session So we definitely want to encourage people to check out the full lineup of sponsor talks as well Uh, because it's there's almost as many sponsor talks as there are blackout briefings So it's a very very large part of the program um, and yeah and staffing the the booths with with Technical people, you know, the attendees, we hear time and time again, attendees want to hear from the engineers.
They want to hear from the practitioners. They want to, you know, they, they, um, they enjoy that exchange that they, they get within the, the, the business hall. Um, so we want to keep encouraging that, uh, we're again, we're expanding the business hall. So we're kind of in a similar [00:36:00] space usage as we've been, uh, over the last couple of years with the business hall in A, B and C on the first level.
This year it goes A, B, C, D. So we're taking a little bit of Hall D as well. Arsenal will be back, will be back there. So there'll be some familiar things in the new space. Uh, we've tried to create some, uh, more kind of engagement, uh, areas within Hall D, the new Hall D as well. Um, uh, really picking up on, um, we've got, we launched an event in the, in the Middle East, um, two years ago, Black Hat MEA, um, and, uh, The team there is doing a really good job of creating, uh, really good interactive spaces.
So if you was a few of us were at the event last year, uh, and Riyadh and came back with some, some ideas on, on different things we could do with the other blackhead events as well to create more interactive, uh, um, spaces. So things like, uh, drone hacking, um, are going to be, be there. So I would encourage everyone to check out the, uh, some of the fun stuff happening back there, uh, as well as the overall, uh, business [00:37:00] hall, uh, and, and sponsors.
Sean Martin: And then doesn't get more real time engagement than the NOC. Yes. So, the NOC, the NOC's still there. Obviously, you have to have a network to run all this stuff. And one can only imagine the fun things that, uh, across those, those, uh, wires and, and, uh, waves. Um, anything, anything new with the NOC? I
Steve Wylie: can't say enough for the NOC team always.
Uh, so I think, uh, I mean, these guys are so well known within the community as well. So, uh, uh, Bart and Grifter as everyone, uh, refers to them, but it's Bart Stump and Neil Wyler and Steve Fink as well. Steve Fink is, uh, sort of the third, uh, member of that. That team that really, um, do such an amazing job of protecting us and protecting, uh, attendees at the event and make sure that all of our trainings can happen, uh, without, you know, a hitch knock on wood.
Um, [00:38:00] so yeah, they're back this year and what we've been trying to do, I think with the knock program over the last few years, it's not a new thing this year, but we're certainly continuing to build on it. It's really. Getting people more access to the knock through, um, sessions, you know, they, we, we do Barton Griffey usually do a session, uh, tails from the knock, um, on their kind of learnings from the, from the week, because they've got one of the, the most incredible sort of security operations centers there, right?
They're seeing real world things happening at black hat. Uh, just given the nature of the event, there tends to be a lot of activity and these guys are kept really, really busy. Um, they do. Firstly, they do a phenomenal job with protecting us, but they also make it fun, right? So they, uh, I would definitely, if you haven't seen the Barton Grifter talk, um, definitely put that on the, uh, on the agenda because it's always one of the highest rated talks at the event and they bring in some key learnings and insights from the, from the week.
They're looking at real traffic and they're looking at real threats and, and, uh, there's always some good insights [00:39:00] there that, um, um, That make for, um, good learnings, but also good, you know, entertainment. Yeah.
Sean Martin: Yeah. Those guys are amazing. And the doc is incredible. I mean, it's not fun and games in there.
It's real, real stuff to your point. I mean, Blackout is one giant demo and we all know how. Live demos go right to, they're not, they're not easy to pull off and you're doing a ton of it. So hats off to, uh, to the NOC team for sure. Um, all right. Hi, we've touched on a lot. Um, there, there's so much more in there that there's something for everybody, of course.
Uh, In the show notes, we'll include links to the things we touched on here during our chat, Steve. Uh, of course the, the main page where the schedule can be found. Um, We're working with your team to line up some more conversations to talk about more of these topics a little broader [00:40:00] to kind of highlight some more of the sessions that are that are taking place in the briefings that are happening.
So I'm looking forward to that and appreciate your team support in that effort as we continue our coverage. Um. The dates fifth through the 10th. Yes, four and two. Saturday through Thursday. Through
Steve Wylie: Thursday, yep. In Las Vegas, man, go in Las Vegas and then you can carry on to Defcon, uh, for the rest of your week.
And, uh, by that following week you'll be ready to to fall over.
Sean Martin: Exactly. Exactly. Full of knowledge. Full of knowledge. Full of knowledge. I love it. Well, Steve, uh, it's always a pleasure and, uh, I know Marco sends his best and, uh, we, we look forward to, uh, All the, all the goodness in Las Vegas with you and your team and the rest of the, uh, black hat community.
And, uh, Final word from you, call to action.
Steve Wylie: Final word for me, uh, is, um, I would say, uh, [00:41:00] you know, uh, the, the, as the security threat continues to evolve, we need to continue to evolve how we're responding to that threat and there's, to that threat, and there's no better way to do that than to get among your peers, right?
So, um, you know, we hear that time and time again from our attendees, from our, our speakers, from our review board, you know, the whole, Uh, hallway con lobby con is such a big part of the event, you know, and about building that community. So really, you're just leveraging that full week in Vegas to connect with your peers, uh, connect around key learnings to help, you know, defend whatever enterprise it is that you're defending out there, uh, to stay ahead of the bad guys.
So we look forward to seeing everyone in Las Vegas. It's going to be a great week and it'll be here before we know it's
Sean Martin: around the corner. All right, Steve. Well, thanks. Thanks for, uh, Kicking off our chats on the road to Las Vegas as part of our coverage here. And thanks everybody for listening and, uh, hope to [00:42:00] see you in Las Vegas in August.
We hope you enjoyed this conversation. If you learn something new and this story made you think, then share ITSPmagazine with your friends, family, and colleagues. If you represent a company and wish to associate your brand with our conversations, sponsor one or more of our columns. We hope you will come back for more stories and follow us on our journey.
You can always find us At The Intersection of Technology, Cybersecurity, And Society.