Resilience and Generative AI: Key Takeaways from Black Hat USA 2023

Navigating the ever-evolving world of conferences and announcements can be quite the challenge. That's why we're here – to help you delve deeper into the insights that matter most. This month, we turn our attention to the aftermath of Black Hat USA 2023, which took place in the vibrant city of Las Vegas. With over 22,000 cybersecurity enthusiasts in attendance, Black Hat USA 2023 proved to be an electrifying convergence of minds from across the globe. In this article, we embark on a journey through the event's pivotal takeaways and emerging trends that have the potential to reshape the cybersecurity landscape.


Richard Dean

9/4/2023 · 4 min read

Black Hat USA 2023 was an electrifying convergence of over 22,000 cybersecurity enthusiasts from across the globe. In this article, we embark on a journey through the event's key takeaways and emerging trends that promise to reshape the cybersecurity landscape.

Cybersecurity's Evolution: Clint Huffaker and David Homoney hit the nail on the head in "Beyond the Cyber Basics: A Recap From Black Hat USA 2023" when they mention the challenges that buyers and vendors face due to the continued evolution of cybersecurity. New security concerns and vulnerabilities are identified every day, requiring constant vigilance from everyone involved in keeping environments secure.

"Cybersecurity has evolved. Vendors are quickly adjusting their go-to-market plans, focusing on digital transformation strategies, cloud adoption, aligning with new regulations, compliance mandates, and the proliferation of applications and APIs in the digital era. Oh yeah, and we can't forget about Artificial Intelligence."

"Buzzwords, new features, and integrations were announced, yet every solution remains merely a piece of the puzzle in cybersecurity. Regardless of buyer persona, it boils down to people and a vendor's ability to deliver secure business outcomes quickly and efficiently. Business leaders are focused on innovation and differentiating themselves in the market, while faced with decreasing budgets, a looming recession and regulatory compliance. Complexity and the acceleration of cloud adoption are cause for concern around the imbalance between risk and innovation."

The Resilience Imperative: Jen Easterly and Victor Zhora highlighted the importance of resilience in the face of cyber threats, stressing that strong cyber defenses alone are not enough. The speakers repeatedly emphasized the need for organizations to build resilience, meaning the ability to continue operating critical systems even if they are disrupted by an attack. This is especially important considering the increasing sophistication and frequency of cyberattacks. Here are a couple of good articles to follow up on this topic:

Generative AI: A Double-Edged Sword: Maria Markstedter, founder of Azeria Labs and keynote speaker, is optimistic about AI but advises caution. Generative AI is increasingly being used by attackers to launch more sophisticated attacks. For example, Generative AI can be used to generate phishing emails that are more likely to be clicked on or to develop malware that can evade antivirus software. We must “rethink our concepts of identity access management in a world of truly autonomous systems having access to our apps.”

AI-Powered Defenses: To defend against AI-powered attacks, organizations need to start using AI themselves. This includes using AI to detect and respond to threats, as well as to develop new security products and services. “While the jury is still out on whether attackers will benefit from generative AI more than defenders, the endemic shortage of cybersecurity personnel presents an opportunity for AI to close that gap and automate tasks that might provide an advantage to the defender”, noted Michael Daniel, president and CEO of Cyber Threat Alliance and former cyber czar for the Obama administration.

Human Oversight: The Guardian of AI: While AI can be a powerful tool for cybersecurity, it is important to remember that it is still a tool. AI systems can make mistakes, and they can be fooled by attackers. It is therefore essential to have human oversight in place to ensure that AI systems are used safely and effectively. Ram Shankar Siva Kumar, a machine learning and security data analyst at Microsoft, said that “it is a mistake to always trust AI because with that, we are rationalizing that the outcome is always in our interest”. Instead, he recommended using AI as one tool of many rather than a replacement for real data. This requires “interrogating the validity of AI’s answers and cross-checking it,” said Kumar.

"Secure by Design" Philosophy: The Cybersecurity and Infrastructure Security Agency (CISA) released a new publication that provides recommendations for technology manufacturers to ensure the security of their products by following "secure by design" and "secure by default" principles. This is a major step forward in the fight against cybercrime, as it will help to prevent vulnerabilities from being introduced into products in the first place. By shifting the balance of cybersecurity risk from the end user to the manufacturer, it encourages manufacturers to take responsibility for the security of their products and reduces the burden on end users to secure their devices. This can lead to a more secure ecosystem overall.

The “Assume Breach” Approach: In cybersecurity, the “assume breach” mindset is common, and security systems are designed with the assumption that attackers are already inside.

Clear and Present Danger: Reports of China's prepositioning in parts of the U.S. electrical grid highlight the real and immediate threat to critical infrastructure. The need for stronger resilience is urgent.

• Could Russia launch a cyberattack on the US power grid? | Security Magazine

What does this mean?

The lessons from Black Hat USA 2023 are a wake-up call for all. Critical infrastructure faces heightened risks, and Generative AI is rewriting the rules. To bolster cybersecurity resilience, organizations should:

1. Assume breaches, especially in infrastructure.

2. Embrace a "secure by design" philosophy.

3. Develop contingency plans for system disruptions.

4. Practice incident response rigorously.

5. Stay abreast of the latest threats and trends.

6. Monitor networks for anomalies.

7. Strengthen passwords and adopt multi-factor authentication.

8. Keep software up to date.

9. Foster a culture of continuous improvement.

By communicating these principles, you can help to ensure that organizations are prepared to face whatever cyber threats come their way.

Additional Insights from Black Hat USA 2023