Fear and Loathing in Vegas

What is the key takeaway from Black Hat 2019? Turn IT into the "department of yes".

There really is no other event in the cybersecurity calendar like Black Hat USA. It’s an event that has long had an aura of mystique and mystery as the place where the best hackers gather to talk about the latest trends and showcase the newest vulnerabilities.

In recent years, Black Hat, which was created by Jeff Moss, founder of the DEFCON security conference, to be a more corporate-friendly event, has truly become more…corporate. A decade ago, you’d be hard-pressed to find more than a handful of company booths, but that’s no longer the case.

At the Black Hat USA 2019 event, there were hundreds of exhibitors spread across two sprawling exhibit halls at the Mandalay Bay Conference Center in Las Vegas, Nevada. Odo was was there – booth 664 – nestled right behind Malwarebytes’ massive blue Transformer-like robot. This was one of the better gimmicks and props trying to attract attendees to engage in some way.

The usual suspects were all present, anti-virus/malware protection vendors, firewall and perimeter defense as well as mobile and cloud security. For many exhibitors, the strategy at Black Hat (and to be fair at most trade shows) was to focus on challenges and all the things that can go wrong.

This is often what the cybersecurity industry is all about, the bad, the negative, the breach and the catastrophic data loss due to some kind of bad actor or attack. Fear sells.

The reality of the show floor though was that most attendees were already aware of the challenges, after all, that’s why they made the trek to Vegas in the middle of the summer (yes, it was hot, but thankfully the plague of grasshoppers was mostly gone by the time we arrived).

Security professionals don’t need vendors to tell them what their gaps are, what they are seeking is to talk to innovative companies who perhaps have a better way to fill those security gaps and overcome security challenges old and new.

It could be very easy for someone to go to Black Hat and become very discouraged about the state of IT security today, but that’s not what the real takeaway was this year. Beyond the exhibit halls, Black Hat was in full swing with sessions on every trend and topic that is of concern to modern IT organizations. The real takeaway is that there is a path forward and there is room for optimism in the IT security industry.

The big message this year was that it’s important to empower security teams to be able to say yes to staff, rather than always being what this year’s keynote presenter, well known IT security professional Dino Dai Zovi, referred to as the “Department of No.”

Too often, security is seen as a barrier and an obstacle to productivity. What needs to happen is security needs to be reset to become an enabler for productivity.

So what are the top key takeaways?

  • There is no shortage of vulnerabilities and exploit vectors to be concerned about
  • There is no shortage of vendors that claim to have solutions
  • IT can and should position itself to actually help people get things done.
  • Better communication between users and IT security can lead to better outcomes.

At the end of the day, it’s important to remember what we’re all doing. Security is more than “doom and gloom”. It is not just about preventing the next data breach. Security is a business issue, and like any business issue, it is about enabling people to get their jobs done.

The big lesson from Black Hat USA 2019 was that good security is good business. And, vendors today cannot innovate around security without also considering its impact on the larger business. Vendors today have to show not only that they can improve security outcomes, but that they can also achieve better business outcomes.

These takeaways resonate well with Odo’s mission to boost business confidence by building secure and simple network access solutions, that solve real problems and set our customers up for success.

At Odo, we approach security the way our customers do – as a business issue that needs to be solved. Our zero-trust network access architecture improves security outcomes by ensuring that there is no network layer access and users only have access to those resources that they have been preauthorized to see, mitigating the risk of lateral movement attacks.

But on top of this architecture, we have also built the simplest way for IT and DevOps teams to manage and monitor network access – helping modern enterprises compete and scale in a market defined by the cloud, mobility, and increasing demands for agility.

To learn more about Odo’s zero-trust solution, email sales@odo.io or click here to schedule your personalized product demo.

We look forward to hearing from you!

Get fresh articles, insights and updates