Black Hat Founder Moss: Recent Attacks Good For IT Security

Looking at the threat landscape, Moss identified major trends in the security landscape that included raised awareness within organizations, increasing attention to cyber security at the government level and a more concerted effort to comprehensively protect Internet infrastructure at its core.

And these trends could be attributed, in part, to the researchers that speak openly about their findings, he said.

“The researchers are always talking publicly about this, they are some of the few people who are actually talking out loud about what’s going on,” he said.

Moss said that historically, the Black Hat conference was the harbinger of future security trends. “Everyone looked at what the hackers doing, and said ‘if that’s what they’re doing now, I probably should be doing something about that,” he said.

id
unit-1659132512259
type
Sponsored post

Not surprisingly, he said, issues and topics discussed at the conference typically manifest as major news headlines or security trends down the road.

“Stories that happened at Black Hat affected the world later,” Moss said. “With all the awareness that’s been going on around security, we have this great mirror.”

Also, with the growing and evolving awareness, Moss said that it was easier to make a case for security at the executive level, and for security to be part of the conversation earlier in the business decision making process.

“You’ve got more than enough stories now to explain to your management how (security) can be a business enabler,” he said. “If you involve us in the decision making process we can help you. If you only call us when the house is on fire, you have much fewer options.”

Now, Moss said, more vendors were reacting deliberately and intelligently when a security vulnerability is discovered in one of their products — a sign that the industry is collectively maturing.

"They don’t have that knee-jerk reaction so much when someone points out a flaw in one of their products,” Moss said.

As such, organizations that start the conversation sooner will have more control over how security can add value to their business.

Another trend that Moss said was gaining traction was international corroboration around cyber security, Moss said, highlighting the U.S. Department of Defense’s recently released Cyber Security Strategy, outlining U.S. targeted cyber threats threats and strategies to protect the nation’s infrastructure.

“That makes the U.S. the first to publish a national document that lays out policy goals,” Moss said.

With the ball rolling on national cyber security policies, Moss said that could lead other U.S. allies to follow suit, which would further propel international communication and collaboration.

“I’m hoping that will lead other countries to do the same thing,” he said. “We can figure out where we have commonalities and start working together.”

For example, if all are in agreement regarding issues like Internet child porn and work to address the problem, the same collaboration could extend to other global cyber threats, such as organized crime, or phishing, or money laundering, Moss said.

Finally Moss said that more so now than ever before, the Internet is being hardened with security functionality such as DNS Sec and an eventual IPv6 upgrade, intended to bolster overall security mechanisms at the core of Internet infrastructure.