Insights
Every year I look forward to Hacker Summer Camp in Las Vegas. Many consider it a must-attend event for cybersecurity professionals, and this year was no exception. With major conferences like The Diana Initiative, BSides Las Vegas, Black Hat, and DEFCON, attendees have the ability to learn something new and have access to a plethora of networking events. While I didn’t have the ability to attend everything, I’ll share some highlights and themes from Hacker Summer Camp 2024.
AI in Cybersecurity: A Growing but Maturing Hype
One topic that came up multiple times throughout the week was AI. With questions like “Is anyone actually using AI in daily operations?” or “What tools are you using to secure or find flaws in chatbots and other solutions that the business is bringing online?”. Many are validating use cases from many vendors that are bringing solutions to market like AI powered security engineers and analysts. I’ll expand on a few of these below.
Generative AI: The Next Frontier in Cybersecurity
Generative AI, the technology used to produce humanlike text, continues to be a central focus. Several companies are integrating this sophisticated AI into their products to create more intelligent systems. For instance, Dropzone.ai is using generative AI to build AI-driven SOC analysts. These virtual analysts are capable of monitoring anomalies and automating contextual data collection and analysis. All of that speeding up time to triage potential security issues. The potential is huge with the ability to speed up response times in complex environments.
AI and Penetration Testing: Challenges and Opportunities
Despite the significant strides made, several challenges remained on the table. Notably, identifying vulnerabilities and securing AI-driven services from potential exploitation remained a hot topic. AI systems require a new approach to testing. Prompt injection was the most prevalent worry and concern for many that I spoke to. Other worries like training data poisoning or exposure and exfiltration of training data came up, as well. Many are searching for providers and solutions to help the business continue to roll out new products while limiting the risk of abuse.
The CrowdStrike Incident: A Hot Topic
Many times, either based on timing or impact, a cybersecurity event leaves an imprint on the Hacker Summer Camp, and this year, it was the CrowdStrike outage in late July. The incident, causing major disruptions across companies around the globe, dominated discussions among the camp attendees with questions like “were you affected” and “will this change your approach to endpoint protection”.
Understanding the CrowdStrike Outage
The CrowdStrike outage was, without a doubt, a jaw-dropping occurrence, and many businesses and organizations are still feeling its aftermath. As detailed by TechTarget and many other news sources, the incident caused considerable downtime, affecting numerous customers who relied on the Crowdstrike Falcon to protect their Windows-based resources.
Despite the widespread impact, the cybersecurity and IT communities showed a commendable level of resilience. Discussion panels were filled with objective analysis of the incident as many leaned into lessons-learned.
An Unshakeable Trust in CrowdStrike
In an industry where trust is everything, it would be natural to assume the CrowdStrike outage would cause many organizations to overreact and question endpoint solutions with kernel access. However, the consensus was, while painful, few were considering abandoning Falcon. It was rather silly to hear that some organizations were looking to find a solution that wouldn’t touch the kernel. That’s a trade-off that has more risks than positives.
CISOs and Personal Liability: A Continuing Concern
I had the privilege of attending several pretty awesome CISO events. Like last year, personal liability remains a top concern for CISOs. Many leaders responsible for information security at their organizations bear the brunt of the responsibility when a breach occurs and still struggle for the business to prioritize security-related work. Even basics like vulnerability remediation can be tough to stay on-top-of when managing at scale and new vulnerabilities coming out monthly. Vulnerabilities are not the only source of a breach, but highlight challenges security leaders face in getting work done. Doubly concerning is that regulators are coming after CISOs for security work not being prioritized which can be outside their ability to get over the finish line.
There's been an increasing trend of CISOs asking for and securing Directors Officers (DO) insurance and leveraging independent legal counsel to lessen the risk of personal liability. As cases of data breaches continue to soar, many CISOs believe that extra protection is necessary.
Standout Talks at BSides and DefCon
No Hacker Summer Camp is complete without a lineup of talks. Among the standout discussions at BSides LV were two particularly thought-provoking presentations.
"Beyond Whack-a-Mole: Scaling Vuln Management by Embracing Automation" was one such talk. It delved into the importance of automating vulnerability management and left attendees with valuable insights on how to enhance their security strategies.
Likewise, the "Fault in Our Metrics: Rethinking How We Measure Detection and Response" talk encouraged professionals to question conventional methodologies in cybersecurity and explore innovative ways to improve detection and response.
I’m a big fan of Clint Gibler’s tldr;sec newsletter. It’s the only security newsletter I read every time it lands in my inbox. In the August 28th edition, he published links and a short summary of every talk related to AI at BSides, Blackhat and DEFCON.
As an avid reader of spy thrillers, I love reading about spytech being used in a story. Turning fiction to fact, a team from Israel’s Ben-Gurion University showcased how non-invasive techniques like these can allow attackers to decipher keystrokes based on sound patterns using AI algorithms. As cybersecurity threats evolve, items like this remind us of the increasing sophistication in adversarial tactics and the need to stay vigilant.
Power of Community: Friends and Networking
Amid all the technical discussions, panels, and presentations, one thing remains an amazing constant. The cybersecurity community is a true community. The week was an opportunity to reconnect with old friends and to make new ones, reinforcing the strong bonds of this unique community.
The connections forged at events like this help remind me that we’re not alone. We can ask questions, share laughs and sometimes do some pretty cool things at vendor sponsored events. Outside of the normal soul sucking that being in Las Vegas brings, the mental reset that comes with the week is special and something I’m thankful to have attended.
Don’t Miss Out on the Next Hacker Summer Camp!
Hacker Summer Camp 2024 was an awesome week filled with deep dives into emerging trends like AI in cybersecurity, sensitive issues like personal liability for CISOs, lessons learned from major incidents like the CrowdStrike outage, and, most importantly, the power of community.
As I look back, it's clear that the camp was not just about learning—it was also about growing and connecting. As I look forward to the next Hacker Summer Camp, I remain excited about the future of cybersecurity, technical advancements, and the resilience of our community.
Share this post
Insights
