More Black Hat 2023 Conference Highlights

A robot finger points up. This blog looks at noteworthy sessions at Black Hat 2023

The five-day-long Black Hat 2023 conference includes so many noteworthy sessions, in addition to our first blog, we decided to take an in-depth look at some additional ones. One of these is a discussion about whether decentralized identity—a hot topic these days—is hype or reality.

In a session Tuesday, Aug. 8, Omdia Senior Analyst Don Tait will delve into the technology, which has risen from the emergence of blockchain. Tait’s talk will look at the key characteristics of decentralized technology, such as verifiable credentials, decentralized identifiers, decentralized identity wallet, and blockchain.

It will also explore the advantages of decentralized identity compared to traditional identity, including control, security, privacy, and ease of use.

The session will detail use cases for decentralized identity, as well as the key drivers and challenges.

Real-World Cybersecurity Success Stories

Also on Tuesday, Omdia Senior Analyst Hollie Hennessy will lead a noteworthy session on “Stories from the Field: Success in Industry-Specific Cybersecurity.” Attendees will hear about security achievements in specific vertical markets like manufacturing, retail, and finance—all of which have their own unique security requirements and challenges.

A panel of vendors and solutions providers will discuss the importance of effective solutions that fit into the broader organizational security architecture and overall cybersecurity program objectives.

How Climate Change Impacts Cybersecurity

Climate change is garnering a lot of attention right now and another illuminating session on Wednesday, Aug. 9 will focus on its relationship to cybersecurity and information security to promote environmental sustainability. There will be Q&A sessions to discuss the environmental impact of infosec practices, strategies to make them greener, and the role infosec plays in climate resilience.

Topics will include:

  • the carbon footprint of infosec
  • how to reduce energy consumption
  • sustainable procurement practices
  • protecting critical infrastructure
  • supporting renewable energy systems

The goal is to explore solutions to make infosec a greener industry and its contribution to climate change mitigation and adaptation—a laudable topic for sure.

Abuse of APIs

One of the more worthy lunch and learn sessions on Wednesday is “Target-Rich Environment: Why Your Internal APIs are Ripe for Abuse.” Led by Anthony Lauro, security technology and strategy director at Akamai, the session will dive into API attacks, challenges, and steps organizations must take to ensure API visibility, governance, and controls.

The session will also cover why “back-of-house” APIs are so vulnerable, how they’re being exploited, and what is needed to defend against their ongoing abuse.

Neurodiversity in Cybersecurity

Being neurodiverse can be an asset in IT and cybersecurity, and one of the more poignant sessions of the conference, “Neurodiversity is MY Superpower,” will take place Wednesday. Dimitri McKay, principal security strategist and CISO advisor at Splunk, will discuss his personal experiences and challenges as a neurodiverse individual in the cybersecurity field.

From there, the session will broaden into a more comprehensive discussion about the differences and nuances of being neurodiverse in both the cybersecurity and broader IT industry. McKay will talk about the advantages neurodiversity brings and the fact that it enables innovation and problem-solving in cybersecurity.

Retaining a Security Team During a Major Talent Shortage

The conference wouldn’t be complete without a discussion of one of the significant pain points in the cybersecurity field right now—the workforce gap. On Thursday, Aug. 10, Jon France, CISO at the cybersecurity certification nonprofit (ISC)2, will discuss how to empower cybersecurity professionals to staunch staff shortages and retain staff.

This will result in the ability to strengthen defenses to mitigate a variety of cyber threats. Some of the key approaches that will be examined include guiding internal talent through training initiatives, implementing job rotations, establishing mentorship programs, and encouraging non-IT and non-security staff to join the field and cybersecurity team.

France will also share research insights, strategies, and tactics to help security teams thrive amid the global IT workforce shortage.

Be sure to check out these and other highlighted sessions from part 1 of our look at the Black Hat conference.

About the author: Esther Shein is a longtime freelance tech and business writer and editor whose work has appeared in several publications, including, TechRepublic, VentureBeat, ZDNet, TechTarget, The Boston Globe and Inc. She has also written thought leadership whitepapers, ebooks, case studies and marketing materials.

Reduce your patching efforts by
85% or more in less than 10 minutes