By Tiana Petricevic on August 21, 2024
AI,

Decoding Black Hat 2024 with Highwire

Over the past month and a half, Highwire’s cybersecurity practice has been focused on planning for one of the industry’s most pivotal annual events: Black Hat USA. This year, #HWCyberSquad members from across the country landed in Las Vegas to connect with the top security professionals in the biz, as well as learn more about what is top of mind for those on the front lines of our nation’s cyber defenses. 

Discussions at the conference, both within the standard programming and on the show floor, centered around the following topics: 

A Microsoft wake-up call

Dialogue around security vulnerabilities within Microsoft’s ecosystem, spurred by recent global outages and high-profile zero-day exploits, highlighted the risks associated with our increasingly interconnected systems and the additions of new technologies like AI. As one of the most widely used technology platforms, any vulnerabilities within Microsoft's infrastructure have far-reaching implications, affecting millions of users and businesses worldwide.

One standout session presented by Zenity, alongside a former Microsoft security architect, drew significant media attention as it centered around five ways Microsoft's Copilot could be manipulated by hackers. This presentation not only highlighted the potential for exploitation but also the broader implications of integrating AI and other new technologies into existing frameworks without proper measure of the security risks they can bring. The message was clear: innovation must be balanced with security best practices, something that has been a challenge for Microsoft in the past.

Black Hat falling shortly after the Crowdstrike outage further magnified conversations around the urgent need for greater industry collaboration to build resilience across the cybersecurity industry as a whole.

Protecting the pillars of democracy

Election security was a critical focus at Black Hat this year, especially in light of upcoming global elections and heightened geopolitical tensions. The keynote panel featured Jen Easterly (Director, CISA), Hans de Vries (COO, ENISA), Felicity Oswald OBE (CEO, NCSC), and was moderated by Christina Cassidy (Reporter, Associated Press). These experts dove into the challenges of securing elections in an increasingly complex threat landscape.

Jen Easterly emphasized the importance of connecting with local election officials to address concerns about the reliability of election results. While acknowledging that interference attempts are likely, she reassured panel listeners and the wider industry that numerous checks and balances are in place to ensure the integrity of the upcoming US general election. The panelists discussed the evolving threats of foreign interference, disinformation campaigns and how they could interfere with the election, and vulnerabilities within election infrastructure – all of which require a coordinated response from the public and private sectors. 

The panelists also discussed the risks that AI will bring to global elections this year. While a powerful tool for advanced threat detection, AI presented new risks in terms of disinformation and automated attacks on our election infrastructure. Felicity Oswald shared, "Resiliency is always going to be a buzzword in cybersecurity, and that's my job. But it's also the job of every public sector, organization, private sector organization, big and small organization in our civil society.”

Moving beyond the hype of AI

With the proliferation of AI and increased adoption across industries, it’s no surprise it was once again a major topic of discussion at Black Hat this year. While experts remain concerned about emerging risks such as prompt injections and model security vulnerabilities, they also emphasized that AI is moving beyond the hype cycle and beginning to deliver practical, tangible benefits - often seen through the ROI customers experience by integrating these new, automated tools. 

Discussions around AI have shifted from theorizing its impact to practical applications, with experts highlighting improved threat detection and streamlined incident response as a result of AI’s use. It’s clear that this year’s emphasis on AI signals a growing recognition of its utility and the permanence it will maintain throughout security tooling. 

Collaboration and innovation as the path forward

Alignment within the cybersecurity industry is evolving, with leaders encouraging collaboration across sectors. The need for proactive, rather than reactive strategies is of the utmost importance for cybersecurity professionals to remain one step ahead of modern, savvy attackers. Between the discussions on Microsoft, election security and AI, the message remains consistent: the future of the industry and creating a secure future for all will depend on our ability to foster collaboration and our ability to create a culture of resilience. 

Interested in learning more about how Highwire helps strategize for clients at major cyber events like Black Hat? Feel free to reach us here — we’d love to hear from you! 

 

Published by Tiana Petricevic August 21, 2024