This year has been particularly interesting for cybersecurity. High-profile incidents and other areas of focus in cybersecurity provided the backdrop for Hacker Summer Camp 2024 in Las Vegas in August. Topics frequently covered during this year’s conferences included:
Increased focus on critical infrastructure – Critical infrastructure is becoming increasingly complex, distributed, and difficult to describe in terms of security. As such, this year’s conferences have brought increased attention to securing critical infrastructure. Echoes of the CrowdStrike Incident – While the infamous CrowdStrike Windows outage in July was a mistake, the hints at lessons to be learned from the event were often from a critical infrastructure security perspective. The outage – and its aftermath – prompted discussions about what impact might be had if bad actors were behind a similar incident. The (almost) XZ Utils Backdoor – The discovery of the XZ Utils backdoor in early 2024 – a dedicated talk at DEF CON – serves as a reminder of the increasing sophistication of adversaries.
I’ve published a technical brief from CableLabs to share my key takeaways from this massive cybersecurity event that combined Black Hat USA 2024 and DEF CON 32. In addition to covering the highlights of the talks and demos I attended, this technical brief dives into the discussions I found most useful and the commonalities I noticed across many conference areas.
There’s no doubt that Summer Hacker Camp offers more than anyone could hope to see or do on the conference floor in a single day. Each conference was packed with a wealth of new research, insights, demos, and more. However, the highlights in my tech briefing provide a solid, in-depth overview of some of today’s hottest topics and issues in cybersecurity.
I’ve included more quick points below, and CableLabs members looking for a more comprehensive briefing can download the Tech Brief.
Common Links at Black Hat USA and DEF CON
I found that the topics covered in the presentations, demos, and talks at Black Hat and DEF CON fell into three main themes. I have expanded on these themes in the technical brief.
Deep Learning (Human): The Need for a More Comprehensive Understanding
Conducting thorough security background research is critical to excel in innovation and build strong security postures. Especially in light of the rapid adoption of advanced technologies, security professionals need to deepen their knowledge to better secure their infrastructure. Collaboration is also crucial to building deeper knowledge bases on technical topics.
Back to Basics: Getting back to basic principles and applying them
The fundamental principles of cybersecurity form the basis for maintaining a strong security posture when implementing, deploying, or maintaining any technology. As security researchers and practitioners, part of our role is to see use cases toward abuse cases as a first step to ensuring the fundamentals are in place and educating and empowering others to do the same.
Inevitabilities and Cybersecurity: What We Must Accept and Why
My white paper details examples where adversaries adopt and exploit new technologies, regardless of our adoption. There are always important caveats and details to consider to ensure the safe use of new technologies when they are adopted. However, my white paper discusses how the potential security benefits that come with the thoughtful adoption of new technologies often greatly outweigh the risks they pose.
Rapid adoption of artificial intelligence, its potential and risks
AI once again took center stage (including at the inaugural Black Hat AI conference). Particular focus was on AI agents, assistants, and RAG-enhanced LLMs. As with last year, these tools were viewed through the lenses of “AI for security applications” and “AI security” considerations, both of which offer tremendous opportunities for research and innovation.
Download the Tech Brief to read takeaways from key talks on this topic at conferences.
Building safer networks together
It’s an exciting time in cybersecurity! With all the innovation, vision, and calls to action we saw at Black Hat USA and DEF CON this year, it’s clear there’s a lot of work to be done.
To read more from my report, download our members-only technical brief. Our community of members and vendors can participate in this work by participating in working groups at CableLabs.
Did you know?
In addition to in-depth technical reports covering events like this one, CableLabs publishes event briefings — written by our technology experts, exclusively for our members. You can view recent reports (member login required).