Black Hat: A Summer Break from the Mundane and Controllable

Dark Reading yesterday published my most recent thoughts on a trend that continues to play out in the security industry. This trend – a focus on the external and sensational at the expense of the internal and mundane – seems to hit a high point during Black Hat.  

Consider this…

·     Hacking cars – cool

·     Russian election hacking – cool

·     Latest corporate breach story – fun at the expense of others

Yet….

·     Vulnerability management – less cool

·     Security process improvement – less cool

·     Security talent development – less cool

The consistent problem is that we all know the internal and mundane is what we control. These activities, things like patch management, are not likely to grab the headlines, nor get the attention of executives. However, we know internal improvements are more likely to reduce attack surface and improve the security hygiene of the organization which we protect.  I take a stab at why this phenomenon exists:

https://www.darkreading.com/threat-intelligence/black-hat-a-summer-break-from-the-mundane-and-controllable/a/d-id/1335397

Having said all that, I look forward to a week in Vegas where we can enjoy the cool and fun.

Cheers,

@johnbdickson