![]() ![]() The Global Commission on the Stability of Cyberspace (GCSC) was launched in February, 2017, with the stated goal of “helping to promote mutual awareness and understanding among the various cyberspace communities working on issues related to international cybersecurity”. And that is where there is some good news.Įarlier this year, a bunch of bright minds came together to address these issue. Getting large scale agreement that these things are not to be tolerated will clearly take a lot of time, plus some very bright minds. Stealing intellectual property and exposing private information are apparently cool in some circles. One look at any recent cybersecurity news feed will tell you that the world has not yet agreed on what the norms are in cyberspace. "One look at any recent cybersecurity news feed will tell you that the world has not yet agreed on what the norms are in cyberspace." But what are the norms in cyberspace, and who is going to enforce them? Of course, as one of my favorite musicians famously said, “Progress is not possible without deviation from the norm”, yet it is also true that, without norms, progress cannot be sustained. I’m not talking about guys called Norm, but norm as in “standard of acceptable behavior”. ![]() Of course, all of that would be less of a problem if cyberspace were populated solely by law abiding digital citizens who abided by civilized norms. So many threats and so many attack vectors, versus your organization’s meagre security resources. If your job involves protecting sensitive information from prying eyes, or making sure that the right data is available to the right people at the right time, then Black Hat can make you feel burdened and beleaguered. And to be clear, you can learn a lot at Black Hat about how to defeat the new threats, even as they are being presented.) Where in cyberspace is Norm? (If you want to read up on the hole-punching, vulnerability-exposing side of Black Hat, my colleague and fellow attendee, Cameron Camp has you covered, just scroll down to see all five blog posts. But these events are not just about breaking things in this post I point to one of several briefings this year which made that point quite effectively. ![]() One way Black Hat has prospered is by becoming the venue of choice for security researchers seeking to showcase new ways to hack something interesting, like cars, an ATM, or insulin pumps. How many thousands of people attended? I don’t know, but let’s put it like this: at random times there were long lines just to get on the escalators that let you out of the event area. In 2017, DefCon itself turned 25 and rolled over Caesar’s Palace in a tide of dark hued t-shirts and cargo pants. Indeed, Black Hat itself was spawned from DefCon as a “respectable” mid-week event for which security professionals could more easily obtain corporate travel approval than a wild and crazy weekend called DefCon. Ironically named for the criminal hackers that cybersecurity pros spend their days – and quite a few nights – defending against, the Black Hat Briefings quickly earned a reputation for excellent technical content.īlack Hat is staged right before the original Las Vegas hacker conference: DefCon. The end of July saw the twentieth staging of the conference known as Black Hat USA, a massive mid-summer pilgrimage of information security professionals to Las Vegas. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |