78°F
weather icon Clear
Las Vegas, NV
Casinos & Gaming

Black Hat, with big names and crowds, infiltrates Las Vegas

Attendees check their devices during the Black Hat information security conference at Mandalay Bay, Wednesday, July 26, 2017, in Las Vegas. Richard Brian Las Vegas Review-Journal @vegasphotograph
In this May 16, 2012, file photo, the Facebook logo is displayed on an iPad. Intelligence officials warn that foreign adversaries continue to wage cyber warfare against the U.S. election systems. But with the midterm elections just three months away, political campaigns report that they’re largely on their own in the increasingly challenging task of protecting sensitive information and countering false or misleading content on social media. (AP Photo/Matt Rourke)
In this Feb. 27, 2012 file photo, voters cast their ballots during early voting at the Board of Elections building, in downtown Chicago. Illinois is set to receive $13.9 million in federal funds after Russian hackers breached the state's voter registration systems ahead of the 2016 election. Illinois plans to use the money to enhance its cybersecurity practices and to train local election officials. Elections officials had initially hoped to use the funds to replace decades-old voting machines. But state and federal requirements say the money must be used primarily on preventing a repeat of 2016. (AP Photo/M. Spencer Green)
In this March 18, 2014 file photo, voters cast their ballots in Hinsdale, Ill. Illinois is set to receive $13.9 million in federal funds after Russian hackers breached the state's voter registration systems ahead of the 2016 election. Illinois plans to use the money to enhance its cybersecurity practices and to train local election officials. Elections officials had initially hoped to use the funds to replace decades-old voting machines. But state and federal requirements say the money must be used primarily on preventing a repeat of 2016. (AP Photo/M. Spencer Green)
In this April 26, 2018, photo, visitors stand in front of an electronic data display showing a map of China at the Global Mobile Internet conference in Beijing. A California-based security-research firm said Wednesday, July 11, 2018, that it found evidence that an elite Chinese government-linked hacking team has penetrated computer systems belonging to Cambodia's election commission, opposition leaders and media in the months leading up to Cambodia's July 29 election. (AP Photo/Mark Schiefelbein)
This June 5, 2018 file photo shows people marking their ballots at a polling station at Robert F. Kennedy Elementary School in Los Angeles. A security review found a software error caused a problem that resulted in nearly 120,000 voters being left off the printed voter rosters at Los Angeles County polling places in California's June primary. The review by IBM Security Services released on Wednesday, Aug. 1 says investigators found no evidence of a cyberattack. (AP Photo/Richard Vogel)
Cybersecurity jobs have increased as corporations and governments look for employees who can protect them from hackers. Thinkstock computer security
More Stories
The Downtown Grand Hotel and Casino, as seen on Friday, Dec. 15, 2023, in Las Vegas. (Daniel Pe ...
Downtown Las Vegas casino to pay $720K to settle disability discrimination claims
A player inserts a coin into a machine within the revamped slots area called Slots A Fun which ...
State records first decline in gaming win in eight months
Tropicana’s implosion set for fall, making way for A’s ballpark
Off-Strip hotel-casino president stepping down
By Todd Prince Las Vegas Review-Journal
August 4, 2018 - 11:13 am
 
Updated August 4, 2018 - 3:44 pm

Black Hat USA, the largest annual cybersecurity conference, is expecting record attendance in Las Vegas this week as high-profile breaches and election meddling fears dominate headlines.

More than 17,000 cybersecurity professionals from government, academia and the private sector are expected to turn out for the six-day show to attend some of the 80 training sessions and 120 briefings on offer. The show has nearly doubled in size since 2014.

“Security has become mainstream. It really has its hands in everything these days,” said Steve Wylie, the general manager of the show. “Companies are having to send more and more people to get training” as threats grow, he said.

The show kicked off Saturday at the Mandalay Bay Convention Center and wraps up Thursday.

Black Hat will feature 300 exhibitors, such as Cisco Systems, offering a range of services and products to protect networks or detect, identify and respond to breaches. Cisco announced Aug. 2 it will buy Duo Security for $2.4 billion, at least the company’s fourth acquisition of a cybersecurity firm since 2013.

Show attendees represent some of the largest companies in the U.S., including JPMorgan Chase, Blue Cross Blue Shield, Amazon, Nike, AT&T and Exxon Mobil, underscoring the ever-growing importance of security to all industries.

Show highlights

The first four days of Black Hat are dedicated to training sessions that focus on topics such as advanced hacking techniques, social engineering and cloud security to give employees the tools to better protect their companies and organizations.

The last two days of the show consist of briefings dedicated to a wide range of current issues. Election hacking will be a hot topic again this year along with critical infrastructure vulnerability, Wylie said.

A Black Hat survey of cybersecurity professionals published in June showed that nearly 70 percent now expect a successful attack against critical infrastructure, up from 60 percent last year.

Carsten Schuermann, a professor at the University of Copenhagen, will deliver a briefing Thursday on the vulnerabilities of the voting machines used extensively in Virginia elections during 2004 and 2015.

Other briefings will focus on hacking connected cars, cash machines and implanted medical devices.

Job shortage

Black Hat will occupy more space at the Mandalay Bay this year as the show grows alongside the industry, Wylie said.

But the breakneck growth is causing a severe industry labor shortage, security specialists said. Some companies and organizations, like the FBI, come to Black Hat in part to recruit.

There are currently about 250,000 jobs openings in cybersecurity around the U.S., according to Sam Olyaei, principal research analyst at Gartner Inc., a global research and advisory firm.

While that is down by half since 2016, the global shortage is forecast to balloon. Olyaei said the industry now expects there will be more than 3 million unfilled cybersecurity jobs globally by 2021, up from an earlier forecast of 1.4 million.

“The demand for cybersecurity specialists is insane. [The country] cannot produce enough to meet the demand,’’ said Giovanni Vigna, the chief technology officer of Lastline, a company that provides network and email security products to detect and fight cyberattacks.

Lastline, which will be exhibiting at Black Hat, has nearly doubled its head count to about 140 over the past year amid growing demand for its products.

Vigna, who also serves as the director of the Center for Cybersecurity at the University of California, said he recruits from the university as well as at hacking competitions.

Olyaei said companies too often search for cybersecurity professionals with a certain skill set, such as knowledge of specific malware tools that may become obsolete in a few years.

They should widen their search to include people not just with strong technical skill sets but also with business backgrounds so they can understand the security needs of an organization, he said.

Vigna said other companies have been looking at machine learning and artificial intelligence to combat cyberattacks while simultaneously reducing their demand for security personnel. However, the technology hasn’t matured to that level.

“People are starting to understand that it’s not a silver bullet,” Vigna said.

Inevitable

Facebook, footwear maker Under Armour, bakery chain Panera Bread and marketing firm Exactis are among the U.S. companies that have announced major data breaches in the last few months. Breaches can cost large companies tens of millions of dollars in lost business and lawsuits.

That has driven companies and organizations across the board to spend more on cybersecurity and enhance employee training. Zion Market Research earlier this year forecast cybersecurity firms will generate annual revenue of $187 billion in 2021, nearly double the amount for 2015.

Companies have historically spent the overwhelming majority of their cybersecurity investment on protection tools, such as firewalls and anti-virus software.

However, over the past few years they have shifted more toward breach detection and response as they come to realize the odds of stopping every attack is slim, Olyaei said.

“You will be breached. There is no such thing as perfect protection,” he said, describing a breach as inevitable as death.

His blunt comment was supported in a survey published in July by Osterman Research that showed U.S. companies and organizations face a “major” attack on average every 6.7 months.

Phishing — the act of soliciting personal information often through emails purporting to be from a trustworthy sender — continues to be the most common type of attack against organizations followed by spyware and ransomware infections, according to Osterman.

Contact Todd Prince at 702-383-0386 or tprince@reviewjournal.com. Follow @toddprincetv on Twitter.

Don't miss the big stories. Like us on Facebook.
THE LATEST
MORE STORIES
recommend 1
AT&T notifies 73M users of data breach from dark web
recommend 2
Some Health District clients might have had info compromised
recommend 3
U.N. court to hear case accusing Germany of aiding Israel war
recommend 4
MGM cyberattack again in the spotlight after lawsuit, broadcast
recommend 5
10 of the biggest real-life casino heists of all time
recommend 6
Evacuation notice lifted in Utah town near cracked dam