Reflections on Black Hat 2024: What We Learned and What’s Next (Part 2)

By Neal Humphrey, VP, Market Strategy


This is a continuation of the prior blog, Reflections on Black Hat 2024 (Part 1), where I talked about resilience in the face of significant vendor issues, daily attacks, operational risks, and contingencies.

In this blog, I will continue with the other sections promised around AI and ML developments, along with some changes to data security and how it is being used in the market. 

AI (Artificial Intelligence)

While AI and ML were certainly present at Black Hat, in my opinion their presence and marketing weren’t as heavy as they were at RSA. I believe part of this can be based on what we saw at RSA, which was more announcements about the opportunities and future capabilities that companies were actively exploring.  At Black Hat, we saw more announcements of the first ways AI/ML is being included as part of General Availability (GA) announcements or coming soon to GA and in current beta activities.  

For example, Security Week chronicled four days of RSA announcements back in May:

Security Week RSA 2024 Announcements Summary (just increment the day number, like the old manual crawler days)

And they did mostly the same for Black Hat here: Security Week Black Hat 2024 Summary (Just the one page here so far)

Total number of announcements:

| Conference | Announcements | AI Related | Percentage | AI in the Name |
|---|---|---|---|---|
| RSA 2024 | 96 | 40 | 42% | 4 |
| BlackHat | 15 | 6 | 40% | 1 |

Obviously, there were more announcements at RSA than at Black Hat, and the percentages are close and do prove the idea.  Okay, circumstantially, but 2% is 2%. 

AI/ML has a lot to prove. I think the hype cycle is going to move faster on this technology than any other in the history of our market. I honestly believe we will probably see two waves of AI/ML with this being the first of a lot of promises, and the second being the expansion of some of the current promises that may be a bit out of current technical, or more likely organizational, reach. 

Rising Data Security Concerns:

Data has always been the lifeblood of security. Without data, we don’t have good from bad, or the visibility to find and make those decisions. Data security has ALWAYS been a major factor in security. At Black Hat, data security discussions took two distinct directions.

The first is the standard conversation around the protection of data for AI and GenAI purposes. Model poisoning, user input control and monitoring, access control monitoring specifically into AI systems, etc. were all large points of conversation, as vendors are now starting to roll out the systems they announced back at RSA, and trust must be earned in these systems.

The second concerns the SIEM consolidation actions that started a couple of months ago. The ability to collect data from multiple locations and understand their format, value, and best strategic use for the business is increasingly becoming an ongoing conversation about business value. This is before you even get into the questions around federated search across multiple clouds, domains, and even SIEMs. The number one consistent rising concern in data security remains the cost of being aware of and using these continual avalanches of data for security purposes.

Summary:

In summary, Black Hat 2024 emphasized working AI/ML applications and fewer hypotheticals, and I HIGHLY encourage all CISOs, SOC Managers, or others working on the security budgets and proposals to think long and hard on cyber outcomes and cyber resilience. Put some onus back on the business and get them involved in working through resilience questions, processes, and even tabletop exercises. You will find more willing thought partners moving forward than you would have this same time last year.

I am sure I missed a significant announcement in my review and my walks around the show floor.  As someone needing to be aware of marketing efforts, I have to give Wiz credit for their booth idea, layout, and even color scheme. I never thought pastel everything would work at a security conference, but they definitely pulled that one off this year. It was well done and had a unique draw to it.

As we reflect on these key takeaways, let’s ensure that we’re not just reacting to trends but proactively shaping our security strategies for the future.

Neal Humphrey, VP, Market Strategy

Throughout his 20-year career in the security industry, Neal has held a variety of roles, including Principal Security Engineer at Sourcefire, Technical Solutions Architect for Cisco, and Director of Threat Intelligence Engineers at ThreatQuotient. Neal has worked with small to medium-sized businesses as well as enterprise-level organizations to help their security teams identify and solve Cybersecurity Operation challenges, as well as help them understand and mature Security Architectures and processes.
