Blog

Thought Leadership

Black Hat USA 2021で話題となった主要な6つのポイント

Black Hat USA 2021で話題となった主要な6つのポイントDefault blog imageDefault blog image
20
Aug 2021
20
Aug 2021

Earlier this month, the industry’s largest hybrid event – Black Hat USA 2021 – took place online and at the Mandalay Bay Convention Center in Las Vegas. The event, which highlighted the latest security trends and technology best practices, attracted over 6,000 in-person attendees, while over 14,000 tuned in via the virtual platform. Eloy Avila shares his six key takeaways.

1. The cyber security landscape is changing, but the threat types remain the same

As hackers continue to innovate and the attack surface widens, the threat landscape is evolving drastically. Despite a massive shift to remote work, the significant threats themselves have not changed since Black Hat 2020 and the early days of the COVID-19 pandemic.

Zero-days, ransomware, APTs, supply chain attacks, targeted phishing, and threats to OT and IoT environments are still the top concerns, though we have seen an increase in attacks on the email and SaaS side. While the attack methods largely remain the same, high-profile attacks like that on Colonial Pipeline have business leaders paying increased attention.

2. CISOs rise to new prominence within the C-suite

CISOs report that their engagement with the rest of the C-suite has dramatically improved due to new priorities and discussions around cyber security. Broader fears about hackers’ sophistication – and that nation-state attacks can directly impact private sector companies even outside of critical infrastructure – have spotlighted the vital role a CISO plays within an organization.

3. The future of security tools: Understanding both OT and IT

Over the past year, more operational technology (OT) institutions have moved away from security tools that focus solely on OT environments to those that understand IT and OT. Before Stuxnet in 2010, most cyber-attacks targeted traditional IT environments. Now, operational technology environments are victims, too (for example, the attacks on Colonial Pipeline and JBS).

With the digitization of our world, IT and OT have become more interconnected (also known as IT/OT convergence), forcing OT security practices to adapt. CISOs are now widely recognizing the importance of tools that can defend both OT and IT. Security tools need to operate in both IT and OT environments with a multi-layered approach to intelligently interrupt cyber threats early in the kill chain, on both sides of the network, and minimize disruption.

4. Supply chain attacks heavily reduce the operational cost of mass exploitation

Supply chain attacks create indiscriminate damage, as we saw with SolarWinds in December 2020 and Kaseya in July 2021. Regulation alone will not be enough to combat supply chain attacks, so businesses themselves need to invest in the right security tools and procedures to ensure cyber health and resilience. Supply chain attacks are virtually impossible to detect with legacy, signature-based security: the malicious software is packaged as legitimate and delivered into the heart of thousands of organizations by trusted suppliers and partners.

Artificial intelligence (AI) is making huge steps forward in this area. Today, the most cyber-mature organizations already rely on AI systems to continually monitor their risk across globally distributed networks, made up of multiple third parties worldwide.

5. Zero-day vulnerabilities are on the rise

Newly identified zero-day vulnerabilities in the wild have steadily risen over the past few years. 2021 saw an unprecedented spike in zero-day vulnerability detection, rapid reconnaissance, and active exploitation. Data compiled by Google’s Project Zero reveals that 2021 is the biggest year on record for ‘in the wild’ zero-day exploits. While security professionals can usually anticipate 20 to 25 exploited zero-days in any given year, 2021 saw a massive 33 before July alone. Notably, both supply chain attacks listed above (SolarWinds and Kaseya) resulted from hackers exploiting zero-day vulnerabilities.

6. Offensive vs. defensive security

Cyber compromises have increased over the past decade, and defenses that look in the rear-view mirror are struggling to withstand the new wave of attacks.

Improving defensive security is possible with a better understanding of “action bias” (e.g., individuals will act without fully understanding o­r evaluating the situation). Security professionals need to fully understand what occurs when compromised before acting, even when the case is stressful or time sensitive.

Innovations like AI help augment human teams by providing complete visibility into the network, giving context around an attack, and helping human teams triage, prioritize, and summarize incidents. We need to put cyber teams on the front foot: proactively monitoring and investigating threats in real-time as they develop instead of consistently reacting to threats that have already escalated into attacks.

Read more: 2021 cyber-threat trends


More in this series:

該当する項目はありません。

Like this and want more?

Receive the latest blog in your inbox
ありがとうございます!あなたの投稿を受け取りました。
フォームを送信する際に何らかの問題が発生しました。
INSIDE THE SOC
Darktrace cyber analysts are world-class experts in threat intelligence, threat hunting and incident response, and provide 24/7 SOC support to thousands of Darktrace customers around the globe. Inside the SOC is exclusively authored by these experts, providing analysis of cyber incidents and threat trends, based on real-world experience in the field.
AUTHOR
ABOUT ThE AUTHOR
Eloy Avila
Chief Technology Officer, Americas

Eloy Avila has over fourteen years’ experience in enterprise software. Based in San Francisco, he works closely with Darktrace’s R&D team to develop its world-leading Self-Learning AI, and oversees the technology’s strategic direction in the US, Latin America and Canada. He currently sits on The Experiences Per Mile (EPM) Advisory Council, which brings together industry leaders to discuss the future of automotive and mobility industry. Prior to Darktrace, Eloy led global engineering teams at a number of listed technology companies, and has helped design and build ultra-efficient electric vehicles in the US and Australia. Eloy holds a degree in Electrical Engineering from Stanford University, California.

COre coverage
This Article
Black Hat USA 2021で話題となった主要な6つのポイント
Share
Twitter logoLinkedIn logo

Good news for your business.
Bad news for the bad guys.

無償トライアルを開始

無償トライアルを開始

柔軟な導入
仮想的にインストールすることも、ハードウェアでインストールすることも可能です。
迅速なインストール
設定時間はわずか1時間、メールセキュリティのトライアルはさらに短時間で完了します。
製品を選ぶ
クラウド、ネットワーク、Eメールなど、最も必要とされる領域で自己学習型AIの能力をお試しください。
購入義務なし
Darktrace Threat Visualizerと組織毎にカスタマイズされた3回の脅威レポートへのフルアクセスを提供しますが、購入の義務はありません。
For more information, please see our Privacy Notice.
ありがとうございます!あなたの投稿を受け取りました。
フォームを送信する際に何らかの問題が発生しました。

デモを見る

柔軟な導入
仮想的にインストールすることも、ハードウェアでインストールすることも可能です。
迅速なインストール
設定時間はわずか1時間、メールセキュリティのトライアルはさらに短時間で完了します。
製品を選ぶ
クラウド、ネットワーク、Eメールなど、最も必要とされる領域で自己学習型AIの能力をお試しください。
購入義務なし
Darktrace Threat Visualizerと組織毎にカスタマイズされた3回の脅威レポートへのフルアクセスを提供しますが、購入の義務はありません。
ありがとうございます!あなたの投稿を受け取りました。
フォームを送信する際に何らかの問題が発生しました。