Cyber Security Solutions and Key Takeaways from Black Hat USA 2019

Sep 30, 2019

Cyber Security Solutions and Key Takeaways from Black Hat USA 2019 Image

Every year, there are a number of highly attended cyber security conferences that IT professionals from all backgrounds attend to grab an insight into emerging technologies and trending security practices. DEF CON and Black Hat USA are two security conferences dedicated to hackers and cyber security professionals who get together to share insights on security breaches, known vulnerabilities, and malware infections globally. Dai Zovi, a security veteran and mobile security lead at Square, shared his insights from the last 20 years of attending Black Hat and the evolution he has seen within IT teams in his keynote speech. He emphasized the importance of communication, collaboration, understanding, feedback, and automation as integral necessities for cyber security. A theme that resonated with the entire security community was security automation and his principles for bolstering cybersecurity within organizations: 

  1. Work backward from the job to be done. 
  2. Seek and apply leverage, develop feedback loops and scale with software automation. 
  3. Understand the culture trumps strategy and tactics every time. 

Additionally, he mentioned the importance of building security responsibility within each IT team, so the risk is shared among security professionals, as well as utilizing software and automation to work smarter and not harder. There were two topics from the Black Hat USA conference that were trending including security collaboration between teams and the use of cyber security automation, and social media manipulation as a vehicle for malware. Let’s take a closer look at the cyber security solutions presented and breakdown what they are, how they work, and how Secuvant can help your company avoid them.

Cyber Security Automation & Collaboration

One of the main highlights from Black Hat USA was the enhanced collaborative efforts security teams from both small and large companies are participating in when it comes to software and business process implementation. Now that cyber security has become a focal point across multiple industries, the next step is determining the strategy on how security teams can play a role in cross-departmental collaboration, from offering self-service platforms and tools to solving business problems. This will help reduce risk and increase productivity for the organization as a whole.

Two laptops that use cyber security automation.

Additionally, cyber security automation is providing value to businesses in many ways including reducing costs, increasing productivity, improving the quality of risk controls, and reducing human error. At Black Hat USA, SOAR for cyber security was a trending topic that was discussed on the trade floor among security professionals of all backgrounds that are helping define, prioritize, and drive identification and response to cyber threats. The main takeaway from this portion of Black Hat USA was the prevalence automation is going to have on the industry and how this will be a key factor in the future of cyber security solutions.

Cyber Security Tip:

As different teams in organizations continue to engage with new technologies and software to increase efficiencies and solve problems, it will be important to keep risk management in mind and create internal policies for IT’s approval on the implementation of new software.

Social Media and Cyber Security: The Threats You Need to Know About

Social media has become interwoven in our daily lives, connecting us globally, but it has also become an avenue for cybercriminals to use social media as a way to release phishing and social engineering campaigns. This creates an environment of heightened risk for users and organizations, where personally identifiable information, including financial information, and business assets are targets for hackers. According to this article by CSO, a six-month study by Mike McGuire, senior lecturer in criminology at the University of Surrey, Bromium’s Social Media Platforms and the Cybercrime Economy report predicts that social media presents an ideal “global distribution center for malware,” with 20% of organizations infected via social media sites. Malvertising, malicious plug-ins and applications, and crypto-jacking were all methods of infecting users with malware and stealing information.

A Facebook account that need social media cyber security.

Social media and cyber security don’t seem like they would influence one another, but the truth is they do. Since spreading advertising content on all social networks is easy, so attackers are hacking the algorithms that spread this advertising. This has increased the need for companies to define their social media use and begin making efforts to protect their social media presence against attackers. The topic of social media and cyber security was much more prominent this year than in the past, as it is quickly becoming a growing issue that almost every company is vulnerable to.

Cyber Security Tip:

As social media attacks continue to increase, organizations should implement a social media policy that clearly defines when and how to use social media in the workplace or when speaking about the company. – Recommended by Eric Peterson, Director of Security Operations at Secuvant

Finding the Right Cyber Security Solutions

Placing cyber security at the forefront of your organization’s goals can at times be a challenge when you are working with limited resources and security expertise. Secuvant offers Managed Detection and Response SOC-as-a-Service, which can provide your team with a Security Operations Center with experienced security analysts trained to effectively prevent, detect, and respond to cyber threats. This service is designed to protect your company against attacks through various and proven methods. These include:

  • Advanced machine learning technology
  • Automated and manual alerting
  • Complete security analyst team
  • Dashboards and reports
  • Endpoint detection
  • Full and partial packet capture
  • Integrated intrusion detection
  • Integration and response
  • Investigating security alerts
  • Logging and threat detection
  • Ticketing and SLAs
  • Threat correlation

Black Hat 2019 provided useful insights into what’s new in the world of cyber security, and Secuvant is here to implement these new suggestions and changes. Our goal is to protect your business from all potential threats with our various, modern cyber security services. To learn more about how we can help you create a cyber security culture in your organization and enhance efficiencies across your teams, contact us today. Speak with a security professional today at contactus@secuvant.com or 855-732-8826.